www.melhoresdestinos.com.br Open in urlscan Pro
170.82.174.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.melhoresdestinos.com.br/
Effective URL:
https://www.melhoresdestinos.com.br/
Submission: On January 09 via manual (January 9th 2024, 12:05:01 am UTC) from IN — Scanned from DE

Summary HTTP 233 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 47 IPs in 8 countries across 42 domains to perform 233 HTTP transactions. The main IP is 170.82.174.15, located in São Paulo, Brazil and belongs to 3L CLOUD INTERNET SERVICES LTDA - EPP, BR. The main domain is www.melhoresdestinos.com.br. The Cisco Umbrella rank of the primary domain is 579516.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 22nd 2023. Valid for: a year.

This is the only time www.melhoresdestinos.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	170.82.173.15 170.82.173.15	266444 (3L CLOUD ...) (3L CLOUD INTERNET SERVICES LTDA - EPP)
43	170.82.174.15 170.82.174.15	266444 (3L CLOUD ...) (3L CLOUD INTERNET SERVICES LTDA - EPP)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:626c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
32	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 17	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2600:9000:224... 2600:9000:224a:ce00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
6	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	18.245.60.72 18.245.60.72	16509 (AMAZON-02) (AMAZON-02)
20	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
1	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
2	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
1	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
2 4	23.199.221.167 23.199.221.167	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1	87.118.116.9 87.118.116.9	31103 (KEYWEB-AS) (KEYWEB-AS)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	2a05:d018:d29... 2a05:d018:d29:3605:e2f5:bbf4:bb4e:a1d2	16509 (AMAZON-02) (AMAZON-02)
6 6	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	35.157.107.95 35.157.107.95	16509 (AMAZON-02) (AMAZON-02)
2 2	3.76.149.124 3.76.149.124	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	18.66.248.83 18.66.248.83	16509 (AMAZON-02) (AMAZON-02)
1	18.66.248.28 18.66.248.28	16509 (AMAZON-02) (AMAZON-02)
1	18.66.248.37 18.66.248.37	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.253.106.93 34.253.106.93	16509 (AMAZON-02) (AMAZON-02)
10	170.82.174.10 170.82.174.10	266444 (3L CLOUD ...) (3L CLOUD INTERNET SERVICES LTDA - EPP)
2	13.40.252.97 13.40.252.97	16509 (AMAZON-02) (AMAZON-02)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6813:afbe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.157.4.70 108.157.4.70	16509 (AMAZON-02) (AMAZON-02)
1	18.154.63.65 18.154.63.65	16509 (AMAZON-02) (AMAZON-02)
2	3.9.60.26 3.9.60.26	16509 (AMAZON-02) (AMAZON-02)
233	47

1 170.82.173.15 (São Paulo, Brazil) 1 redirects

ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR)

www.melhoresdestinos.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 170.82.174.15 (São Paulo, Brazil)

ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR)

www.melhoresdestinos.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:626c (United States)

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.217.18.2 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Loerrach, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:ce00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.18 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.60.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-72.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

melhoresdestinos.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)

passagensaereas.melhoresdestinos.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.199.221.167 (Düsseldorf, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-221-167.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.118.116.9 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: km36617.keymachine.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:e2f5:bbf4:bb4e:a1d2 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 46.228.174.117 (United Kingdom) 6 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.107.95 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-107-95.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.76.149.124 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-149-124.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-83.dus51.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-28.dus51.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-37.dus51.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.106.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-106-93.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 170.82.174.10 (São Paulo, Brazil)

ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR)

imgmd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.40.252.97 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-40-252-97.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:afbe (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-70.dus51.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.154.63.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-65.dus51.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.9.60.26 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-60-26.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	melhoresdestinos.com.br 1 redirects www.melhoresdestinos.com.br — Cisco Umbrella Rank: 579516 passagensaereas.melhoresdestinos.com.br	2 MB
38	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 25279 ad4m.at — Cisco Umbrella Rank: 11048 assets.ad4m.at — Cisco Umbrella Rank: 37488	342 KB
28	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 stats.g.doubleclick.net — Cisco Umbrella Rank: 184 cm.g.doubleclick.net — Cisco Umbrella Rank: 338 ad.doubleclick.net — Cisco Umbrella Rank: 199	217 KB
26	googlesyndication.com 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 185 pagead2.googlesyndication.com — Cisco Umbrella Rank: 140	133 KB
21	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 8442 api.omappapi.com — Cisco Umbrella Rank: 8671 z.omappapi.com Failed	96 KB
10	imgmd.net imgmd.net	130 KB
7	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2014 www.google.com — Cisco Umbrella Rank: 6	1 KB
7	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 4133 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 11455 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 11848 tracking.crazyegg.com — Cisco Umbrella Rank: 8652	37 KB
5	gstatic.com fonts.gstatic.com	223 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 323	104 KB
4	1rx.io 4 redirects sync.1rx.io — Cisco Umbrella Rank: 857	3 KB
4	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 15485	3 KB
4	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 129366 static-de.ad4mat.net — Cisco Umbrella Rank: 186994	1 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 35667 api.webgains.io — Cisco Umbrella Rank: 70957	19 KB
3	3lift.com 3 redirects eb2.3lift.com — Cisco Umbrella Rank: 731	1 KB
3	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 1215	248 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	195 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 60073	2 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 1105	587 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1620	2 KB
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2399	1 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819	1 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 274	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	455 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2052	1 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 1428	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1449 r.turn.com — Cisco Umbrella Rank: 6381	869 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	3 KB
2	google.de www.google.de — Cisco Umbrella Rank: 4002	562 B
2	getclicky.com static.getclicky.com — Cisco Umbrella Rank: 16972 in.getclicky.com — Cisco Umbrella Rank: 13598	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	171 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 77762	15 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 83866	494 B
1	w.org s.w.org — Cisco Umbrella Rank: 4875	679 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 943	363 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 590	146 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 8834	551 B
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 74078	549 B
1	medialead.de pv.medialead.de — Cisco Umbrella Rank: 39084	327 B
1	disqus.com melhoresdestinos.disqus.com	2 KB
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 1035	237 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2809	174 B
233	42

	Domain	Requested by
44	www.melhoresdestinos.com.br	1 redirects www.melhoresdestinos.com.br
20	a.omappapi.com	www.melhoresdestinos.com.br a.omappapi.com
17	cm.g.doubleclick.net	2 redirects 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com www.melhoresdestinos.com.br
15	tpc.googlesyndication.com	www.melhoresdestinos.com.br 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
14	assets.ad4m.at	as.ad4m.at
12	ad4m.at	as.ad4m.at ad4m.at
12	as.ad4m.at	5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com as.ad4m.at ad4m.at www.melhoresdestinos.com.br
10	imgmd.net	www.melhoresdestinos.com.br
7	pagead2.googlesyndication.com	5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com www.melhoresdestinos.com.br securepubads.g.doubleclick.net tpc.googlesyndication.com
7	securepubads.g.doubleclick.net	www.melhoresdestinos.com.br securepubads.g.doubleclick.net 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
6	www.google.com	www.melhoresdestinos.com.br 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com tpc.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	sync.1rx.io	4 redirects
4	www.awin1.com	2 redirects as.ad4m.at
4	5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	script.crazyegg.com	www.melhoresdestinos.com.br script.crazyegg.com
3	prod-rtb.ad4mat.net	www.melhoresdestinos.com.br 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
3	eb2.3lift.com	3 redirects
3	image6.pubmatic.com	5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
3	www.googletagservices.com	5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com www.melhoresdestinos.com.br
2	api.webgains.io	analytics.webgains.io
2	track.webgains.com	as.ad4m.at
2	onetag-sys.com	1 redirects 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
2	pm.w55c.net	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	ad.doubleclick.net	2 redirects
2	passagensaereas.melhoresdestinos.com.br	www.melhoresdestinos.com.br
2	sb.scorecardresearch.com	www.melhoresdestinos.com.br
2	www.google-analytics.com	www.melhoresdestinos.com.br
2	dsp.adfarm1.adition.com	2 redirects
2	um.simpli.fi	2 redirects
2	fonts.googleapis.com	securepubads.g.doubleclick.net a.omappapi.com
2	www.google.de	www.melhoresdestinos.com.br
2	www.googletagmanager.com	www.melhoresdestinos.com.br www.googletagmanager.com
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	www.conrad.de	as.ad4m.at
1	s.w.org	www.melhoresdestinos.com.br
1	tracking.crazyegg.com	script.crazyegg.com
1	static-de.ad4mat.net	as.ad4m.at
1	in.getclicky.com	static.getclicky.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	api.omappapi.com	a.omappapi.com
1	dis.criteo.com	5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
1	x.bidswitch.net	5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
1	ads.travelaudience.com	1 redirects
1	banner.congstar.de	as.ad4m.at
1	pv.medialead.de	as.ad4m.at
1	melhoresdestinos.disqus.com	www.melhoresdestinos.com.br
1	s.ad.smaato.net	5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
1	tr.blismedia.com	5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
1	r.turn.com	www.melhoresdestinos.com.br
1	ad.turn.com	1 redirects
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	static.getclicky.com	www.melhoresdestinos.com.br
0	z.omappapi.com Failed	a.omappapi.com
233	61

This site contains links to these domains. Also see Links.

Domain
guia.melhoresdestinos.com.br
melhoresdestinos.app
www.melhorescartoes.com.br
www.civitatis.com
instagram.com
www.youtube.com
t.me
www.tiktok.com
facebook.com
twitter.com
www.metropoles.com

Subject Issuer	Validity	Valid
*.melhoresdestinos.com.br Sectigo RSA Domain Validation Secure Server CA	`2023-09-22` - `2024-09-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.getclicky.com E1	`2023-12-03` - `2024-03-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-09` - `2024-03-08`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-11-21` - `2024-02-19`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
a.omappapi.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-13` - `2024-04-20`	a year	crt.sh
passagensaereas.melhoresdestinos.com.br GTS CA 1D4	`2023-12-08` - `2024-03-07`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
api.opmnstr.com Amazon RSA 2048 M03	`2023-12-11` - `2025-01-07`	a year	crt.sh
crazyegg.com Amazon RSA 2048 M02	`2023-05-28` - `2024-06-26`	a year	crt.sh
ad4mat.net GTS CA 1P5	`2023-11-18` - `2024-02-16`	3 months	crt.sh
imgmd.net R3	`2023-11-27` - `2024-02-25`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2023-12-18` - `2025-01-17`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://www.melhoresdestinos.com.br/
Frame ID: D0DF80DC07E2B711F63A431ECC16F5E1
Requests: 114 HTTP requests in this frame

Frame: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A97A013556FA5490A02F5D8075C02A4B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: CB3E744249C83408164B1F26F4ECE4F7
Requests: 15 HTTP requests in this frame

Frame: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C868AB566B17E0D463BE08228E7D4E55
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hee4hm0w4t7d512a0s4hzrf5cq62zcenfrrq8wq25wcv94rpm1pk5vmh59m78g9myc2tmnr90fpzvntjqpamnt4wjk2nq04q5gsxktj061zpmmppcz7bq0scfhbsqae5cpde9ax9hvqrmccspmrzggmjkkz9qb07aw9k6gv896kw4qgh2vxka1mfsnedpvxbdsth9bttfkettrfgc0d45c3hqxvk77nm7ghr8ncfder4pcqk0vrgnazqgy8hxa0fwmxgz8gmnhnw2x2fwgd9znt10ev84ed5yeaad7asqwm57j5ar2pddgjf95tzpa32cba50v5655d45g5trg72tjftydj5agf64843h5vdmw2z84jsnpe1wxvtree19vwph97f5wtn0pswc08my54ahk57fpe8m5n1exqqacq5jzpfkj8mnh6vk5q7pjtvksn99ngdkfey4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCajKRpo2cZb2MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0PZFdyzoi1ev7Bcv6nImIChwq8aCl_TLKSV23xK4yiKqi8UuiyA75zyU7r9slQTVPtyvYMVBv1_-1cvbOMbjV6OwSTXFeeHh8xKhbEns0crUjEdfUtrQu8selYWXN9Y14H1b3e9kferepHdUCRumLiE52dCvq63ehChHRdgQC8OtHA9oRXsd9LTULeQx3cHFvszKKVyidxjINifygx9_-iVAiopK-iofgWXtUesk_otIZb7Ds0i_w0WZvFMPfNEBk6oWz0_ej_v3QjZ6gh-gd0Z6JZfyylFD6DB6UX5jENVnxKzbwGeYtvPMuifrnaCTkMskcASYRyCZaQQGGj5X2y0Tc5sRV8E0isFDQZYTo_DYMqcFwthjrCBH1WQuRCtd_spw1jNR1eg863_HTU7pXZosxuYRUB-nbvTWkpECmqem4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3Oedg4HPgwMVKDpVCB3cgwB50BUBgBcB%26num%3D1%26sig%3DAOD64_3COeXIcSXmgR8V1yFe-VG0Uje8_g%26client%3Dca-pub-6120805917655100%26adurl%3D
Frame ID: 5D168972539385F7D192481B0CBA6442
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D3B712B1611404B64A5361A18B4780AA
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 96B582A8F3C1F91A564C6F8C3F1EB688
Requests: 1 HTTP requests in this frame

Frame: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F345FB44D819E7577EBB9F0713CA1301
Requests: 1 HTTP requests in this frame

Frame: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 84AE7594DBFA9290A28A1D9D4AE8365D
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C22451&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=300&d=250&e=&g=3e2445f27605b758fa02d6fb44e6a8d9%2F11117739943320941839&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695216&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7rz37kenrq7ky69x04kfrp79kngzzdk3v480gnngwe1426vtvh4yx9raew81fh003sz09zbwcwj6zbsfyvxxvszzrxh9hbzckp6s3argg3gvnq0ev19zpkcpkz1x2qc7pgbezngxad8eygqa6vxccf63xbyhtvemqh3y12ehrcywe61m19nf7b4a04xmw8sb2nye7my8172b0tf7fn107ha2wrj0sc6a3hb461gyc6fnxd9aacb76tkn0sn91jxdz8428gskkhvtmmpagdmmw3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCajKRpo2cZb2MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0PZFdyzoi1ev7Bcv6nImIChwq8aCl_TLKSV23xK4yiKqi8UuiyA75zyU7r9slQTVPtyvYMVBv1_-1cvbOMbjV6OwSTXFeeHh8xKhbEns0crUjEdfUtrQu8selYWXN9Y14H1b3e9kferepHdUCRumLiE52dCvq63ehChHRdgQC8OtHA9oRXsd9LTULeQx3cHFvszKKVyidxjINifygx9_-iVAiopK-iofgWXtUesk_otIZb7Ds0i_w0WZvFMPfNEBk6oWz0_ej_v3QjZ6gh-gd0Z6JZfyylFD6DB6UX5jENVnxKzbwGeYtvPMuifrnaCTkMskcASYRyCZaQQGGj5X2y0Tc5sRV8E0isFDQZYTo_DYMqcFwthjrCBH1WQuRCtd_spw1jNR1eg863_HTU7pXZosxuYRUB-nbvTWkpECmqem4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3Oedg4HPgwMVKDpVCB3cgwB50BUBgBcB%2526num%253D1%2526sig%253DAOD64_3COeXIcSXmgR8V1yFe-VG0Uje8_g%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Frame ID: 35952B5468E73A42CFA71654106B1450
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h4mcgmt1jme0qbxszhasejfjs3txyh7n9552wy86ysmz61yp56dmkf2me83v2axgvw5ab8wp7bd3fndk79615ett8d1vmrrwrvzgjgxy8k7hb0m6g6xhcmyv1pesw6b5t9adywrv6605jg1cnamss6a6s1cz0h4758hbw9j9wtwwxhaxr9zmy6kdyx5p3x45130qtm9ahcjaagxsp76d5z13nyfc0c5va8an4s3jk4axvvrhade7wdjz4vabvra9wjsh7h979qk1by3bgsy6ppsex8a43c1qgjmh069j94kw4z4y1adv5n98rx1m82mj4s7shhak0wamzghcbrp0x2a924smd4k2ma3jvmrx6whx7242w0ayqc1t2qcqpy0d35km80nhyv2j8wpn4qtqj7bwpyre14wx57a755t4vrj0trsx96f4bc4zcmhdycnpggesm7f&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%26num%3D1%26sig%3DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%26client%3Dca-pub-6120805917655100%26adurl%3D
Frame ID: 297B3D15B555207DF9C4AE9E89095685
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/window_focus_fy2021.js
Frame ID: 8A17295D3250C2092BA646E177317E62
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5FE3D5A83ED258F3744199E0D0CC9E19
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hzj67jjy60wdxe6x67422ngjs726rg8m6gnwa0g5t442tmvgn9nz8556hznc0s2k8bvyg8ncc3bh7nt9ykcbze9023qtvtxj9e060q5gdhkv8aa3198em8cbxnsgv4j0n31p582daa2tytteh490gd96ezgmfbmes4xa0t7qkrhrkfwrc9t6p80z19dkcxp8d60h9kdssk0ngg3zw8hztmh7k0zcvhaz768bd17e1jexvx3sdv54q18g6ec87fzd9cdd182tb642s59868633bm8wqaj1cksa969gfgg3jm20qhhf7bweja4497v3vvc3egjmvmxtvfmcsdmdf3fj2swz64tkz88pnhexr4n44bfr4s4b0e60kvwcp0jhqbdw86ey6jp29b0atbyyh8q107wm2apm7p0b0cgqebmeher6tsvzgjsb7yfkan1n7yqkw9qxve&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKlsXpo2cZb6MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0JrNHWABItPN-wmKp0sjgVs4Y2iFXwya43DSK2NwRFJj70TllDapgqsRTQfUM0Oc6m4AeKCC783S-GHblV_71SwqYjlQ00ATw6wmwqMAS0TSgcy0pD98-cn80OBe22mcuMcJSRO5y3RZ6IhDobLsoBs5-_cdlZMfLJLzymzWdRbI5oR0DUh3AIaSI1n4kiTn8sRj05DBeqt_4T9xGmWVZJsLUewZhletNrcQ8W2cGhPDlLtpdlGld6NRgKQZfxghlxNyriqZqW4lRhAPOWsj8-I3PNqj4xMbVDlvxa4aGMmT5D_4AXTSUI6gUQqjdP_ULGUpr0ynsVzZaxCauY6RVqK8nKJYkC6USJmAUL1EOBv0KK17EaAbTJhRC2CczTY-dAWTUVJQL43_hGd4bmBJY_4HGByXx24lYdzMSuACtF2q4AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3eedg4HPgwMVKDpVCB3cgwB50BUBgBcB%26num%3D1%26sig%3DAOD64_2FGGt69vZhY-aSs-IfNwungNBNSQ%26client%3Dca-pub-6120805917655100%26adurl%3D
Frame ID: F358451920FE3FF2867181802EEE21D4
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/window_focus_fy2021.js
Frame ID: 65D2D89523397099B28E86F828A1381A
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D05B0E3045981898AC0FE28110A85F71
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 332EB0DB94531B516E0FBCAF6B8A6093
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 2765CB7BC057C723E43F86F96C88EEED
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=c5fa743b39a02594cbcc60731a801ec0%2F8878562932021235608&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695597&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kt46gd71yv7k4t1g4sxj9t8dv7gwtvyefckaynd2051dkevz8bq76jty6j2gb963tj8gtgpvp4e4yeymvsn0adg9zjgs32df1vs3ke6h03twbvtphyc9e7wg8xa9cb0hbvnt98adwvttb2b4azj0wb0968qfh66g98ct1qpcvm0sjm7rada544hegpvye66s0hydvmnnmfxfwz2q8t5p4n1y6cnv5r6m8ys59243mwjywy9arksdd0e0fsd7r3h36t0hjav8mtbrgksmzg77vjx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Frame ID: A0014D2E9F3D233CCD6A34A68C6088EC
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=537178&b=dk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=KXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=300&d=50&e=&g=2e75643854e1e629df1242c45af7d972%2F18026590647324241718&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695708&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knb2z6rx3b5fpp5133929qty82ywnfz7sbj2em3nyh5qfnzhk1yyjzjjp4hks5exrb96c4ymzstysnfphrzb54q97znwch4n5rn300ffxb6zk7mxygrrb0bgtke7mrkhcp31nf2knfx1mwkq8q7jwmzda9savdx1evd7ag94w8cay585pz3dxp4vtgjqypjg7nbbjg6gnkntbxhftwxh6p4npns7q7j4pt92t0qrseww8c75t3czy43p8mda9r90jtc5qx10ej2mj4stf0c1zx2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKlsXpo2cZb6MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0JrNHWABItPN-wmKp0sjgVs4Y2iFXwya43DSK2NwRFJj70TllDapgqsRTQfUM0Oc6m4AeKCC783S-GHblV_71SwqYjlQ00ATw6wmwqMAS0TSgcy0pD98-cn80OBe22mcuMcJSRO5y3RZ6IhDobLsoBs5-_cdlZMfLJLzymzWdRbI5oR0DUh3AIaSI1n4kiTn8sRj05DBeqt_4T9xGmWVZJsLUewZhletNrcQ8W2cGhPDlLtpdlGld6NRgKQZfxghlxNyriqZqW4lRhAPOWsj8-I3PNqj4xMbVDlvxa4aGMmT5D_4AXTSUI6gUQqjdP_ULGUpr0ynsVzZaxCauY6RVqK8nKJYkC6USJmAUL1EOBv0KK17EaAbTJhRC2CczTY-dAWTUVJQL43_hGd4bmBJY_4HGByXx24lYdzMSuACtF2q4AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3eedg4HPgwMVKDpVCB3cgwB50BUBgBcB%2526num%253D1%2526sig%253DAOD64_2FGGt69vZhY-aSs-IfNwungNBNSQ%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Frame ID: 19D075E580196B1B45352D6754526295
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2696C2B0A374BB756C12239F441D35D8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9E3EA441CF08B922E2C8D5206E6E3DDF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Melhores Destinos - Passagens aéreas baratas

Page URL History Show full URLs

http://www.melhoresdestinos.com.br/ HTTP 301
https://www.melhoresdestinos.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Clicky (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.getclicky\.com

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

233
Requests

91 %
HTTPS

45 %
IPv6

42
Domains

61
Subdomains

47
IPs

8
Countries

4012 kB
Transfer

6843 kB
Size

37
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://guia.melhoresdestinos.com.br/destinos
Title: Guias

Search URL Search Domain Scan URL

URL: https://melhoresdestinos.app/menublog
Title: Baixar o app

Search URL Search Domain Scan URL

URL: https://melhoresdestinos.app/post

Search URL Search Domain Scan URL

URL: https://www.melhorescartoes.com.br/cartoes-caixa-anuidade-gratis-vitalicia-jan24.html
Title: Aniversário Caixa terá oferta de cartões com anuidade grátis para sempre – confira as regras e programe-se! Daniel Gadelha há 3 dias

Search URL Search Domain Scan URL

URL: https://www.melhorescartoes.com.br/latam-pass-resgate-amsul-jan24.html
Title: Latam Pass tem voos para Argentina, Chile e Peru a partir de 10 mil pontos Daniel Gadelha há 3 dias

Search URL Search Domain Scan URL

URL: https://www.melhorescartoes.com.br/latam-pass-resgate-miami-jan24.html
Title: Muito barato! Latam Pass tem voos para Miami a partir de 28 mil pontos! Daniel Gadelha há 3 dias

Search URL Search Domain Scan URL

URL: https://www.melhorescartoes.com.br/novos-beneficios-clube-livelo-jan24.html
Title: Novos benefícios do Clube Livelo começam a valer hoje – confira o que muda Orseni Pequeno há 3 dias

Search URL Search Domain Scan URL

URL: https://www.civitatis.com/pt?aid=11641&cmp=blocos-homemd
Title: Ingressos e passeios

Search URL Search Domain Scan URL

URL: https://guia.melhoresdestinos.com.br/
Title: guias de destino

Search URL Search Domain Scan URL

URL: https://instagram.com/melhoresdestinos

Search URL Search Domain Scan URL

URL: https://instagram.com/melhoresdestinos_guia

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/melhoresdestinos

Search URL Search Domain Scan URL

URL: https://t.me/melhoresdestinos

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@melhoresdestinos?lang=pt_BR

Search URL Search Domain Scan URL

URL: https://facebook.com/melhoresdestinos

Search URL Search Domain Scan URL

URL: https://twitter.com/passagensaereas

Search URL Search Domain Scan URL

URL: https://guia.melhoresdestinos.com.br/arraial-do-cabo-190-c.html
Title: Arraial do Cabo

Search URL Search Domain Scan URL

URL: https://guia.melhoresdestinos.com.br/gramado-canela-7-c.html
Title: Gramado

Search URL Search Domain Scan URL

URL: https://guia.melhoresdestinos.com.br/porto-de-galinhas-113-c.html
Title: Porto de Galinhas

Search URL Search Domain Scan URL

URL: https://www.metropoles.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.melhoresdestinos.com.br/ HTTP 301
https://www.melhoresdestinos.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEP5fc1cO8smJ8txW3nr9mC4&google_cver=1&google_push=AXcoOmQ_tJ5v9maj_CJ8a3lZtTIpbPaFn72UH5N3bAyupa9vLmhvCQdIsysRQABCOPtOfaRUDC-8NIGq2tnskX_73w6811beeu_nTA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODU0Mjk0MDQzNzgwODg0Nzg0MQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP5fc1cO8smJ8txW3nr9mC4&google_cver=1

Request Chain 60

https://um.simpli.fi/gp_match?google_gid=CAESEJO-VRnDyHo8zSu6Kbo2ZGg&google_cver=1&google_push=AXcoOmR2KXGMj6XMX-oCL6X5CFgvpWgbocggZMjiwn7Nvtnjn1RTIs4cik6KzqH9PSy9WXfhY5UovTet3i2yco7EMr0tpky2RLDcng HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F9D91BD4AC174CAB98BE824B1E6736E2&google_push=AXcoOmR2KXGMj6XMX-oCL6X5CFgvpWgbocggZMjiwn7Nvtnjn1RTIs4cik6KzqH9PSy9WXfhY5UovTet3i2yco7EMr0tpky2RLDcng

Request Chain 62

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGerr3RoK0Zs8bfe-Jl88JU&google_cver=1&google_push=AXcoOmSEA8Tkf2bA-ZPdM2tdSzhbcfq3LW3yz7lYir5EYKfptAHFZJTS2Oa5Q8HZahKGFkapUkzWCoOVOXAv8JsnVeYrU9FTZIb2Sg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyMTg4Mjg0MjU5ODM0MDc2NA%3D%3D&google_push=AXcoOmSEA8Tkf2bA-ZPdM2tdSzhbcfq3LW3yz7lYir5EYKfptAHFZJTS2Oa5Q8HZahKGFkapUkzWCoOVOXAv8JsnVeYrU9FTZIb2Sg

Request Chain 65

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEM9njP6IbWCzscfi9rtWWdY&google_cver=1&google_push=AXcoOmTOwFTtFz6QOeIhIHAEpyESeLCAn1aUrSSjcMW7efHnk65j3-A3SbuLypy7AeU_9iFzoalsMu3L2s7AbKWE4yPkXMIye2_BiQ HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTOwFTtFz6QOeIhIHAEpyESeLCAn1aUrSSjcMW7efHnk65j3-A3SbuLypy7AeU_9iFzoalsMu3L2s7AbKWE4yPkXMIye2_BiQ&google_gid=CAESEM9njP6IbWCzscfi9rtWWdY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzA1MjM4OTkzMjU2NDA4MjA2NDI2MQ%3D%3D&google_push=AXcoOmTOwFTtFz6QOeIhIHAEpyESeLCAn1aUrSSjcMW7efHnk65j3-A3SbuLypy7AeU_9iFzoalsMu3L2s7AbKWE4yPkXMIye2_BiQ

Request Chain 129

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CPie34OBz4MDFWrzEQgdgAYFOA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1704758695_b83ed0d0-ae82-11ee-86b5-22356fe9f584

Request Chain 130

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGerr3RoK0Zs8bfe-Jl88JU&google_cver=1&google_push=AXcoOmTB8K98jtxplxojXbCmG2QI4Rl3vUecTpJCvgtzQToXMO7KDXaQnBAQUeJH_apEuEmshM-VdNmeaAzq5fIlCZc2mv6Baz0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyMTg4Mjg0MjYwNjA3Mzk5OA%3D%3D&google_push=AXcoOmTB8K98jtxplxojXbCmG2QI4Rl3vUecTpJCvgtzQToXMO7KDXaQnBAQUeJH_apEuEmshM-VdNmeaAzq5fIlCZc2mv6Baz0

Request Chain 131

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDsixLL0PsrWilZiSpceeD4&google_cver=1&google_push=AXcoOmSFWMRmlubN2WDSUYRBGZaOOv2D6sdYvnWjcV2ldPdvyn9pEqzLfZQLOpmDmQXwC0wo6eg_9RoIcEHrglOp51XG4AtHsrc HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ws-tiNz2TwgpmmyPlwVGoA&google_push=AXcoOmSFWMRmlubN2WDSUYRBGZaOOv2D6sdYvnWjcV2ldPdvyn9pEqzLfZQLOpmDmQXwC0wo6eg_9RoIcEHrglOp51XG4AtHsrc

Request Chain 132

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFmRDgmAVTHvMIfIt2OLj6M&google_cver=1&google_push=AXcoOmTayVH1GR8Qm6ldG5JeSekVxgrYG_4IBS-y9P1i_7VuLstbg6QbUIJWGPHWtwbqe_xr9SCu4nuIOtzeJoUaCtiwGNNKSIA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTayVH1GR8Qm6ldG5JeSekVxgrYG_4IBS-y9P1i_7VuLstbg6QbUIJWGPHWtwbqe_xr9SCu4nuIOtzeJoUaCtiwGNNKSIA&google_hm=eS1uMzNVUVFORTJwSHg1b19mQWRuWlZyVTRlSW16cXBZTH5B

Request Chain 134

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK_uq1a44UMB-y9Y1m1dIrI&google_cver=1&google_push=AXcoOmQFPJFtJvekDK8XomKQuHhkF0vk-ldFoXGu3AhoPiJcnn28VtisQMa1q2mRnD-GXds5qSyXTbjJyabljDdzE1_N4kPtGg HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQFPJFtJvekDK8XomKQuHhkF0vk-ldFoXGu3AhoPiJcnn28VtisQMa1q2mRnD-GXds5qSyXTbjJyabljDdzE1_N4kPtGg&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1704758695434 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-75528251-5580-4c5c-ad72-008d2bfc7d89-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQFPJFtJvekDK8XomKQuHhkF0vk-ldFoXGu3AhoPiJcnn28VtisQMa1q2mRnD-GXds5qSyXTbjJyabljDdzE1_N4kPtGg%26google_hm%3DA3VSglFVgExcrXIAjSv8fYk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQFPJFtJvekDK8XomKQuHhkF0vk-ldFoXGu3AhoPiJcnn28VtisQMa1q2mRnD-GXds5qSyXTbjJyabljDdzE1_N4kPtGg&google_hm=A3VSglFVgExcrXIAjSv8fYk

Request Chain 135

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEM9njP6IbWCzscfi9rtWWdY&google_cver=1&google_push=AXcoOmTib0fZ7eLDjJefOIY5FzHVicmg57coUhKTqC64nITK2FZx84yyr5v0XvpgttCJ4Ws62OIZJZOmMfzC6jElIXrF5crh7A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzA1MjM4OTkzMjU2NDA4MjA2NDI2MQ%3D%3D&google_push=AXcoOmTib0fZ7eLDjJefOIY5FzHVicmg57coUhKTqC64nITK2FZx84yyr5v0XvpgttCJ4Ws62OIZJZOmMfzC6jElIXrF5crh7A

Request Chain 138

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMbjZbmNPSx9K7rAW1C3HIs&google_cver=1&google_push=AXcoOmSABG0JunnzuK5nrzjQwzbmnfGi-fmhR7PHqD3nJ2LZ2qy-2yvNUGan_ZbaSr9csUuimArANOZrer72W_sgbV6MeSku2fjP HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMbjZbmNPSx9K7rAW1C3HIs&google_cver=1&google_push=AXcoOmSABG0JunnzuK5nrzjQwzbmnfGi-fmhR7PHqD3nJ2LZ2qy-2yvNUGan_ZbaSr9csUuimArANOZrer72W_sgbV6MeSku2fjP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bUR1dHZQbTkxUm1aQlo1&google_gid=CAESEMbjZbmNPSx9K7rAW1C3HIs&google_cver=1&google_push=AXcoOmSABG0JunnzuK5nrzjQwzbmnfGi-fmhR7PHqD3nJ2LZ2qy-2yvNUGan_ZbaSr9csUuimArANOZrer72W_sgbV6MeSku2fjP

Request Chain 139

https://um.simpli.fi/gp_match?google_gid=CAESEJO-VRnDyHo8zSu6Kbo2ZGg&google_cver=1&google_push=AXcoOmQ01knE5tUwUYNTOYOZZlYz7pklFtPbYwBl82DSzW9RPJU_4yc9zt4WK5mXxF03OV8PirIVzJwJDcCs5IMeV5tAhyzD0lc- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F9D91BD4AC174CAB98BE824B1E6736E2&google_push=AXcoOmQ01knE5tUwUYNTOYOZZlYz7pklFtPbYwBl82DSzW9RPJU_4yc9zt4WK5mXxF03OV8PirIVzJwJDcCs5IMeV5tAhyzD0lc-

Request Chain 140

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFmRDgmAVTHvMIfIt2OLj6M&google_cver=1&google_push=AXcoOmQbgHUEyb0APLHdjSOqmH0F5et2MwIHXBpPhRS3mEGcfOlxaeV0vGYwYyx16r__j0i77nzegS4CCQe5NsNqCcq4nLI7DqKB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQbgHUEyb0APLHdjSOqmH0F5et2MwIHXBpPhRS3mEGcfOlxaeV0vGYwYyx16r__j0i77nzegS4CCQe5NsNqCcq4nLI7DqKB&google_hm=eS01dl85MDZ0RTJwRTNqOHZUNEdSOVJQY1Z6QUM0SUVfTH5B

Request Chain 143

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK_uq1a44UMB-y9Y1m1dIrI&google_cver=1&google_push=AXcoOmTr-97nzJeB25kmMua4oCbHl_o83m-pbOcXLeEEmc0HuHT6VFufVNYG4FLtVXldURbzjOntrbZ_i56meZAkBucX_IW5Rrwz HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTr-97nzJeB25kmMua4oCbHl_o83m-pbOcXLeEEmc0HuHT6VFufVNYG4FLtVXldURbzjOntrbZ_i56meZAkBucX_IW5Rrwz&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1704758695433 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-75528251-5580-4c5c-ad72-008d2bfc7d89-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTr-97nzJeB25kmMua4oCbHl_o83m-pbOcXLeEEmc0HuHT6VFufVNYG4FLtVXldURbzjOntrbZ_i56meZAkBucX_IW5Rrwz%26google_hm%3DA3VSglFVgExcrXIAjSv8fYk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTr-97nzJeB25kmMua4oCbHl_o83m-pbOcXLeEEmc0HuHT6VFufVNYG4FLtVXldURbzjOntrbZ_i56meZAkBucX_IW5Rrwz&google_hm=A3VSglFVgExcrXIAjSv8fYk

Request Chain 144

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIqaX29S-ppe8X2gTCpyzZ4&google_cver=1&google_push=AXcoOmT0lo4owDRfHxs3GTWi6Yg2RVOi69L6HV9cko1NgTgQMmTj7QggVGxBWKPtfTqh7YjgRPnkuL77bK9adw1igBIAjPbar8yhHA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT0lo4owDRfHxs3GTWi6Yg2RVOi69L6HV9cko1NgTgQMmTj7QggVGxBWKPtfTqh7YjgRPnkuL77bK9adw1igBIAjPbar8yhHA HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 214

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneiddk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPWoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1704758695_b86c9790-ae82-11ee-8694-226555b1c0ac&insert=AW&&gdpr=0&gdpr_consent=

233 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.melhoresdestinos.com.br/
Redirect Chain

http://www.melhoresdestinos.com.br/
https://www.melhoresdestinos.com.br/

122 KB
26 KB

794ms
333ms

Document
text/html

170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: 2a6a517e5a00a172a46f4949d3176e148657c2205da99e98533cb60f4cb62e63

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 09 Jan 2024 00:04:53 GMT
link: <https://www.melhoresdestinos.com.br/wp-json/>; rel="https://api.w.org/"
server: gocache
via: 1.1 google
x-gocache-cachestatus: HIT

Redirect headers

Connection: keep-alive
Content-Length: 166
Content-Type: text/html
Date: Tue, 09 Jan 2024 00:04:53 GMT
Keep-Alive: timeout=15
Location: https://www.melhoresdestinos.com.br/
Server: gocache

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 121ms
72ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fac3b9e36ffcc9793a5f6bccf70784d4b7b2e0bcf81da427e448e758b67e81c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29338
x-xss-protection: 0
server: cafe
etag: 549 / 19731 / m202401020101 / config-hash: 6914489111508300537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 09 Jan 2024 00:04:54 GMT

GET
H2 200 logo-melhores-destinos-min.svg
www.melhoresdestinos.com.br/wp-content/themes/md2023/img/ 20 KB
8 KB 396ms
395ms Image
image/svg+xml 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/themes/md2023/img/logo-melhores-destinos-min.svg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: 705ee29a691cf7c27076f9f7d2115a820f537ef83bb852a7894134b2c73e4af4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Tue, 09 Jan 2024 00:04:54 GMT
via: 1.1 google
content-encoding: gzip
last-modified: Tue, 07 Nov 2023 03:29:01 GMT
server: gocache
etag: W/"6549aefd-514f"
x-gocache-cachestatus: HIT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=15552000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 07 Jul 2024 00:04:54 GMT

GET
H2 200 passagens-aereas-dubai-capa2019-02.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2019/02/ 280 KB
281 KB 395ms
394ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2019/02/passagens-aereas-dubai-capa2019-02.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: ca01acd2bad92eaa08558471b364d797c40be660e98b54e7b47cefb7558c4b47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:54 GMT
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPoY73flUHyq3ppuqiWTtS0GZz6qlaxf7mlhXyuKhW6D1O8uwKPKZqCqn50IJ0e4rc8J3m1IQmm4qFrSFiMt0o_PhQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-meta-object-id: 151357
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 286848
x-goog-meta-height: 860
x-goog-meta-file-hash: 55e623b66a5d4ddd8be0b8061fa9edec
last-modified: Mon, 29 Jul 2019 18:42:34 GMT
server: gocache
etag: "9a3b5c0684ce886ffb98f4d4ec4c9a5f"
x-goog-generation: 1564425754994832
content-type: image/jpeg
x-goog-hash: crc32c=bPB6+g==, md5=mjtcBoTOiG/7mPTU7EyaXw==
x-goog-meta-width: 1640
cache-control: max-age=15552000
x-goog-meta-source-id: f7e26e5d4f01f2c0517ab49e7ac874f7
x-goog-stored-content-length: 286848
accept-ranges: bytes
expires: Sun, 07 Jul 2024 00:04:54 GMT

GET
H2 200 pagando-com-nomad-capa-02.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2023/11/ 242 KB
243 KB 201ms
200ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2023/11/pagando-com-nomad-capa-02.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: 35d0e4d7124d5f988da2c19707b2c5bf73b40f1aec7802a9b532c39a2d23f787

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:54 GMT
x-gocache-image: unmodified
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPrleVDr5A3ANlJHTFLGdhsQ3Cvmg6w49bshSkmzkNhRpKNFrCfRhgIGT3Mm8_QRVO2dQenYJvcLYXxEKmWBMfRT1g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-meta-object-id: 428916
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248120
x-goog-meta-height: 861
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Mon, 13 Nov 2023 12:49:04 GMT
server: gocache
etag: "7197f90f1d13b512a41e9d7ddecb5b0e"
x-goog-generation: 1699879744170884
content-type: image/jpeg
x-goog-hash: crc32c=opa91A==, md5=cZf5Dx0TtRKkHp193stbDg==
x-goog-meta-width: 1640
cache-control: max-age=15552000
x-goog-meta-source-id: 0778df5b97a9c57237539cedbcdb2ae9
x-goog-stored-content-length: 248120
accept-ranges: bytes
x-goog-meta-size: __full
expires: Sun, 07 Jul 2024 00:04:54 GMT

GET
H2 200 passagens-europa-classe-executiva-latam-capa2021-2.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2021/11/ 175 KB
176 KB 376ms
376ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2021/11/passagens-europa-classe-executiva-latam-capa2021-2.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: 29bb0bbe4b14408e5e75fe0ca47af57beab8f3baabde7b74646bdd216edfe3a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:54 GMT
x-gocache-image: unmodified
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPoyxrSHZiayhhkEQZ0ZcXIiuLOGrw5lzIx_KuS3UTs4lN5gu3CACopH0ooOQdhmgUE3B51r4Tf29pi5C61JvpDEpI0CbFSt
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-meta-object-id: 309336
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 179295
x-goog-meta-height: 860
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Mon, 06 Dec 2021 11:19:18 GMT
server: gocache
etag: "4ba2d9fc3aaee16d560d13e67e2bc9ce"
x-goog-generation: 1638789558230926
content-type: image/jpeg
x-goog-hash: crc32c=od4Rhg==, md5=S6LZ/Dqu4W1WDRPmfivJzg==
x-goog-meta-width: 1640
cache-control: max-age=15552000
x-goog-meta-source-id: cb0b1cee3a83b86a900bbb614e67f65d
x-goog-stored-content-length: 179295
accept-ranges: bytes
x-goog-meta-size: __full
expires: Sun, 07 Jul 2024 00:04:54 GMT

GET
H2 200 passagens-aereas-miami-nova-york-capa2019-01.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2019/02/ 349 KB
350 KB 378ms
377ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2019/02/passagens-aereas-miami-nova-york-capa2019-01.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: f51cadaea6718afce1c56d01c71dcc28fe2dc2c88600a6fe280f1a2a6015a899

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:54 GMT
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPqyimzvwZX-srI4Y2VJnvGrW67sWjIZSPGA3fLAjU1n7LSbYAyDtioL8SqwkyY24gUB0TZm_cwhHbfQDU2VeNIVCg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-meta-object-id: 151652
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 357131
x-goog-meta-height: 860
x-goog-meta-file-hash: 321d9cd20707bfd8784a6bbc080db623
last-modified: Mon, 29 Jul 2019 18:41:01 GMT
server: gocache
etag: "61443a39ae94d277411ff58c939c8467"
x-goog-generation: 1564425661055272
content-type: image/jpeg
x-goog-hash: crc32c=TQS1Lg==, md5=YUQ6Oa6U0ndBH/WMk5yEZw==
x-goog-meta-width: 1640
cache-control: max-age=15552000
x-goog-meta-source-id: e0525bd7703d532e348863e05d531443
x-goog-stored-content-length: 357131
accept-ranges: bytes
expires: Sun, 07 Jul 2024 00:04:54 GMT

GET
H2 200 buenos-aires-argentina-capa4.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2021/10/ 276 KB
277 KB 377ms
376ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2021/10/buenos-aires-argentina-capa4.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: 66f9d950743622451df5970b7aaa9e9307c036c5616581250558b8c600956b4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:54 GMT
x-gocache-image: unmodified
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPop5t1VL99Vlr04J937kkxcNC7t7_h-kaexhN84_Qqf15b0Ntdbs1oeFtHL6Qhv7fO0hSJsLggdJglk5QneX7XCVffANcuG
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-meta-object-id: 303827
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 282285
x-goog-meta-height: 860
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Thu, 21 Oct 2021 15:43:27 GMT
server: gocache
etag: "df5f2a488c4fe7321ed008ce85b5092a"
x-goog-generation: 1634831007355177
content-type: image/jpeg
x-goog-hash: crc32c=505dGw==, md5=318qSIxP5zIe0AjOhbUJKg==
x-goog-meta-width: 1640
cache-control: max-age=15552000
x-goog-meta-source-id: 55bbc2065d66399cedb49bef7b17b201
x-goog-stored-content-length: 282285
accept-ranges: bytes
x-goog-meta-size: __full
expires: Sun, 07 Jul 2024 00:04:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 224 KB
80 KB 94ms
43ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MTH9XN

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

041b18b7599ef1518a03208fc411d23fb51ae9fb07e88dc07a77def6417f44b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 00:04:54 GMT

GET
BLOB 200
OK 64d5ed36-37e2-4185-92be-758b415f1017
https://www.melhoresdestinos.com.br/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.melhoresdestinos.com.br/64d5ed36-37e2-4185-92be-758b415f1017
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 atacama-santiago-chile-capa-377x198.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2022/10/ 21 KB
22 KB 354ms
353ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2022/10/atacama-santiago-chile-capa-377x198.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: 9ee6d0fbf3e9c4e3fcf901eb693b20a19ce0f26cac736921a15e8423b91bda82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:54 GMT
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPrWzAMt8c02018ENV334RLARTbIQ_CgWQXhFprWSSt_Hzweh9zChUoGJiqo4-C8_E3KIao
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21761
x-goog-meta-height: 198
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Tue, 11 Oct 2022 15:18:23 GMT
x-goog-meta-child-of: 355348
server: gocache
etag: "e157ccd94753768b6fe77246da4e9488"
x-goog-generation: 1665501503552642
content-type: image/jpeg
x-goog-hash: crc32c=AuHr7Q==, md5=4VfM2UdTdotv53JG2k6UiA==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-stored-content-length: 21761
accept-ranges: bytes
x-goog-meta-size: thumb_home
expires: Sun, 07 Jul 2024 00:04:54 GMT

GET
H2 200 cataratas-do-iguacu-amanhecer-capa-377x198.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2023/07/ 13 KB
14 KB 478ms
477ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2023/07/cataratas-do-iguacu-amanhecer-capa-377x198.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: 222c06840cfe4613f269ce596f50ab918f5ec2f14d8d39e5e857e955722dbd01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:54 GMT
x-gocache-image: unmodified
age: 2690
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPotXi7tiabAWu_1MjaxCOOjkVXr-q8xkaz6wlMABSvMLRMJkPHgZ_RwdMZ4W1FHtkbY_Ax4JpCHraQO1xFZETRtjjgOkZo2
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13622
x-goog-meta-height: 198
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Mon, 17 Jul 2023 20:31:22 GMT
x-goog-meta-child-of: 406656
server: gocache
etag: "a993d6b11659038e2f24137e49e192d0"
x-goog-generation: 1689625881926951
content-type: image/jpeg
x-goog-hash: crc32c=WsBUmg==, md5=qZPWsRZZA44vJBN+SeGS0A==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-stored-content-length: 13622
accept-ranges: bytes
x-goog-meta-size: thumb_home
expires: Sun, 07 Jul 2024 00:04:54 GMT

GET
H2 200 saint-tropez-praia-hotel-arraial-ajuda-capa-01-377x198.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2021/09/ 19 KB
19 KB 479ms
478ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2021/09/saint-tropez-praia-hotel-arraial-ajuda-capa-01-377x198.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: 652149336fb77614fab10c0d82de895a08f12f286f9e27913f4e5bf63b2c04d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:54 GMT
x-gocache-image: unmodified
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPqsImx8OHZBRYyfTNfOFmMZTKCOvdmWgx5fpx6y-apm9gWVNuowRwBJ4WCaaMpuaByOdSmtw06wHCM9r0KUYNFZ-gRnkGUn
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19055
x-goog-meta-height: 198
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Thu, 09 Sep 2021 14:26:05 GMT
x-goog-meta-child-of: 298536
server: gocache
etag: "962d6fad2502e631e8c6386902e216ee"
x-goog-generation: 1631197565662243
content-type: image/jpeg
x-goog-hash: crc32c=KRRCfw==, md5=li1vrSUC5jHoxjhpAuIW7g==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-stored-content-length: 19055
accept-ranges: bytes
x-goog-meta-size: thumb_home
expires: Sun, 07 Jul 2024 00:04:54 GMT

GET
H2 200 Blue-Tree-Thermas-lins-capa-1-377x198.jpeg
www.melhoresdestinos.com.br/wp-content/uploads/2023/12/ 22 KB
23 KB 479ms
478ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2023/12/Blue-Tree-Thermas-lins-capa-1-377x198.jpeg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: 6181ecb856d3ae3ec3172cce0780474ff47156fc6e82367f569662facf351e22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:54 GMT
x-gocache-image: unmodified
age: 5
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPrnpu2pVeRAs3HjY-sCZgCVtLYYaMCkE7fGXrZsmFtLOiKN4FbBQa9BOUf8aSTunalL6Vll-QC0Pp41OX9pJ4pMuTV4pbw1
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22404
x-goog-meta-height: 198
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Sat, 09 Dec 2023 11:30:33 GMT
x-goog-meta-child-of: 434859
server: gocache
etag: "455017ee74114255cac0623834f50aa9"
x-goog-generation: 1702121433852356
content-type: image/jpeg
x-goog-hash: crc32c=qlf2TQ==, md5=RVAX7nQRQlXKwGI4NPUKqQ==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-stored-content-length: 22404
accept-ranges: bytes
x-goog-meta-size: thumb_home
expires: Sun, 07 Jul 2024 00:04:54 GMT

GET
H2 200 lima-peru-capa-377x198.jpeg
www.melhoresdestinos.com.br/wp-content/uploads/2023/08/ 21 KB
21 KB 479ms
479ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2023/08/lima-peru-capa-377x198.jpeg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: e841451c101f47b681c1dd0469a82c4bef323a5c771ef5723d7889e11c1c77cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:54 GMT
x-gocache-image: unmodified
age: 128
x-gocache-cachestatus: HIT
x-guploader-uploadid: ADPycdt1ZTG_YlG0HZg_xEaBR7yaaCypfsH5EsJHqX6Q5S1RC6_bHFdlHKXMLYGogb2aX7z-_2csToqu6z-62EQY-fPrp2LrdP3P
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21008
x-goog-meta-height: 198
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Fri, 18 Aug 2023 12:25:03 GMT
x-goog-meta-child-of: 412122
server: gocache
etag: "1875d21323fcc8d37c364a100fe82ce2"
x-goog-generation: 1692361503029601
content-type: image/jpeg
x-goog-hash: crc32c=aXHU0Q==, md5=GHXSEyP8yNN8NkoQD+gs4g==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-stored-content-length: 21008
accept-ranges: bytes
x-goog-meta-size: thumb_home
expires: Sun, 07 Jul 2024 00:04:54 GMT

GET
H2 200 passagens-aereas-paris-franc%CC%A7a-capa-377x198.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2023/05/ 13 KB
13 KB 596ms
595ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2023/05/passagens-aereas-paris-franc%CC%A7a-capa-377x198.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: 111b8c7024b5083e1a74f8664d2bbc73719c5ff90e5facb30551a18148c4fbbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:54 GMT
x-gocache-image: unmodified
age: 1
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPpDJyxOJlGFHQ40Kh5kk7cvwbODX56KJQ3gfJgcQyI7CYt4zBHpV3uwPkra2Gv23K_U1ig5qSVnHPF943xOO3QAuA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12945
x-goog-meta-height: 198
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Mon, 08 May 2023 12:33:02 GMT
x-goog-meta-child-of: 391708
server: gocache
etag: "baa15be5e07f5468c5435010f08f6b9f"
x-goog-generation: 1683549182502711
content-type: image/jpeg
x-goog-hash: crc32c=TVLm0w==, md5=uqFb5eB/VGjFQ1AQ8I9rnw==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-stored-content-length: 12945
accept-ranges: bytes
x-goog-meta-size: thumb_home
expires: Sun, 07 Jul 2024 00:04:54 GMT

GET
H2 200 aviao-pouso-decolagem-capa2019-01-377x198.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2019/07/ 12 KB
13 KB 479ms
479ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2019/07/aviao-pouso-decolagem-capa2019-01-377x198.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: b167caf7fe75f3e181f2887c0153c517bef84d11c96bdb29d7ce5550dcaa9a6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:54 GMT
x-gocache-image: unmodified
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPoAJOSwa1RXnNzKIiy7IAIkd35Bzl7uTewCQOddo4yEMlcIs8KnMmT6r0hPXgDQCpfDPiH_-CJ3E8JIVkTP3XHnh2SQ7a0v
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-meta-object-id: 166771
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12339
x-goog-meta-height: 198
x-goog-meta-file-hash: f0687c1d1d0f5c98aa70d5bb949806b7
last-modified: Tue, 23 Jul 2019 16:04:26 GMT
x-goog-meta-child-of: 166771
server: gocache
etag: "00c7fbf5d03acbda0039df61228ed560"
x-goog-generation: 1563897866085276
content-type: image/jpeg
x-goog-hash: crc32c=PFt4Qw==, md5=AMf79dA6y9oAOd9hIo7VYA==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-meta-source-id: 7be4cabe39a31c26ea30cb786890155c
x-goog-stored-content-length: 12339
accept-ranges: bytes
expires: Sun, 07 Jul 2024 00:04:54 GMT

GET
H2 200 passagens-aereas-havana-capa2019-02-377x198.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2019/02/ 23 KB
24 KB 479ms
479ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2019/02/passagens-aereas-havana-capa2019-02-377x198.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: f1cfd6824c92dead5736035fedeb93fe0a7d0d414dfa5e4ba20a4b84b498919c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:54 GMT
x-gocache-image: unmodified
age: 58
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPotDIKUJZgjCErOO61n7leAU3Uke-bClrBJ7myl1gzr-lIyRVPUQ0Uga8m2NcM_PTTg8Dul0DRz2luEpkGBP4IOwg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-meta-object-id: 151373
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23622
x-goog-meta-height: 198
x-goog-meta-file-hash: 6da433a2e40e26f0899a1c4173415f21
last-modified: Wed, 24 Jul 2019 00:37:50 GMT
x-goog-meta-child-of: 151373
server: gocache
etag: "ae1e0a8da74a9ed73b0fa74712ae47b5"
x-goog-generation: 1563928670418799
content-type: image/jpeg
x-goog-hash: crc32c=Ooh65A==, md5=rh4KjadKntc7D6dHEq5HtQ==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-meta-source-id: 7dd9f469408f0285a7e501a4646d7e19
x-goog-stored-content-length: 23622
accept-ranges: bytes
expires: Sun, 07 Jul 2024 00:04:54 GMT

GET
H2 200 viaje-com-desconto.css
www.melhoresdestinos.com.br/wp-content/themes/md2023/css23/ 6 KB
2 KB 571ms
571ms Stylesheet
text/css 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.melhoresdestinos.com.br/wp-content/themes/md2023/css23/viaje-com-desconto.css?ver=2023-011a
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: f7504f7d591839633084ef2b9d3307b712c057ac3f5ed26d6947c9cda3e7b400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Tue, 09 Jan 2024 00:04:54 GMT
via: 1.1 google
content-encoding: gzip
last-modified: Tue, 21 Nov 2023 20:39:27 GMT
server: gocache
etag: W/"655d157f-1802"
x-gocache-cachestatus: HIT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=15552000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 07 Jul 2024 00:04:54 GMT

GET
H2 200 listagem-viaje-com-desconto.js Show response
www.melhoresdestinos.com.br/wp-content/themes/md2023/js23/ 12 KB
3 KB 571ms
571ms Script
application/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.melhoresdestinos.com.br/wp-content/themes/md2023/js23/listagem-viaje-com-desconto.js?ver=2023-011a
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: 585d4cbba6fbfd975e2e8bb35ca15af345b9e68bfb6ad54d0dd3b0eb58a04b84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Tue, 09 Jan 2024 00:04:54 GMT
via: 1.1 google
content-encoding: gzip
last-modified: Mon, 20 Nov 2023 12:31:33 GMT
server: gocache
etag: W/"655b51a5-3087"
x-gocache-cachestatus: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15552000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 07 Jul 2024 00:04:54 GMT

GET
H2 200 logo-melhores-destinos-min.svg
www.melhoresdestinos.com.br/wp-content/themes/md2023/img/ 20 KB
8 KB 572ms
571ms Image
image/svg+xml 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/themes/md2023/img/logo-melhores-destinos-min.svg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: 705ee29a691cf7c27076f9f7d2115a820f537ef83bb852a7894134b2c73e4af4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Tue, 09 Jan 2024 00:04:54 GMT
via: 1.1 google
content-encoding: gzip
last-modified: Tue, 07 Nov 2023 03:29:01 GMT
server: gocache
etag: W/"6549aefd-514f"
x-gocache-cachestatus: HIT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=15552000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 07 Jul 2024 00:04:54 GMT

GET
H2 200 base.js Show response
www.melhoresdestinos.com.br/wp-content/themes/md2023/js23/ 27 KB
10 KB 455ms
455ms Script
application/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.melhoresdestinos.com.br/wp-content/themes/md2023/js23/base.js?ver=2023-011a
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: 1402250a32876b715644be2ff7bb1562bf73c0fdc0c8a53754fe4fbfc425762a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Tue, 09 Jan 2024 00:04:54 GMT
via: 1.1 google
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 17:53:38 GMT
server: gocache
etag: W/"65565722-6ce1"
x-gocache-cachestatus: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15552000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 07 Jul 2024 00:04:54 GMT

GET
H2 200 41003.js Show response
static.getclicky.com/ 15 KB
6 KB 110ms
42ms Script
text/javascript 2606:4700::6811:626c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/41003.js
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:626c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71a3c2fff169fa7423b679691f2b103dd20446b1384852e1c8b2481c1d15fcfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Tue, 09 Jan 2024 00:04:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Jan 2024 21:48:56 GMT
server: cloudflare
age: 266647
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 84286cee0f08362f-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 00:04:54 GMT

GET
H2 200 hotel-fazenda-vale-das-aguas-capa-01-377x198.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2021/04/ 22 KB
23 KB 568ms
568ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2021/04/hotel-fazenda-vale-das-aguas-capa-01-377x198.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: d4b266e5a0731ac28468e3c505c0cd251c3b799a5954f212edc7ecb8075cdea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:54 GMT
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPoTnn0SKLrEaAkJfbcnQ-EB-Hc6ZJscdHOJ3ExEMF0NAXFT7b73mTh4cEQaoWxHg9-gHegpKANd2ZiFEo1GlHgLYQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22476
x-goog-meta-height: 198
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Tue, 13 Apr 2021 16:48:53 GMT
x-goog-meta-child-of: 275954
server: gocache
etag: "11961cbe1bf825d33d9e51b224f27acb"
x-goog-generation: 1618332533324981
content-type: image/jpeg
x-goog-hash: crc32c=JCgRBA==, md5=EZYcvhv4JdM9nlGyJPJ6yw==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-stored-content-length: 22476
accept-ranges: bytes
x-goog-meta-size: thumb_home
expires: Sun, 07 Jul 2024 00:04:54 GMT

GET
H2 200 3630.js Show response
script.crazyegg.com/pages/scripts/0070/ 6 KB
3 KB 110ms
46ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0070/3630.js
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd79b81222f1ab95a34a5e4ab4dd0c0bd6364038ca0c0ed2b90547f4c1d032f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:54 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 23776
cf-polished: origSize=6342
ce-version: 11.5.164
cf-bgj: minify
last-modified: Mon, 08 Jan 2024 17:28:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 84286cee3cdb35ea-FRA

GET
H2 200 home.js Show response
www.melhoresdestinos.com.br/wp-content/themes/md2023/js23/ 4 KB
1 KB 545ms
544ms Script
application/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.melhoresdestinos.com.br/wp-content/themes/md2023/js23/home.js?ver=2023-011a
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: b255fdb1b9a2000d3f3757257e7c068a5abdd995738d0c68b5a377ffbfe5ed67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Tue, 09 Jan 2024 00:04:54 GMT
via: 1.1 google
content-encoding: gzip
last-modified: Tue, 07 Nov 2023 03:29:01 GMT
server: gocache
etag: W/"6549aefd-e91"
x-gocache-cachestatus: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15552000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 07 Jul 2024 00:04:54 GMT

GET
H2 200 motor-passagensaereas.js Show response
www.melhoresdestinos.com.br/wp-content/themes/md2023/js23/ 22 KB
7 KB 542ms
542ms Script
application/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.melhoresdestinos.com.br/wp-content/themes/md2023/js23/motor-passagensaereas.js?ver=2023-011a
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: 0604df2f4dcbfce787d161cdec2104507c723ebcc97e9767d2fd373e716a02f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Tue, 09 Jan 2024 00:04:54 GMT
via: 1.1 google
content-encoding: gzip
last-modified: Tue, 07 Nov 2023 17:46:53 GMT
server: gocache
etag: W/"654a780d-5628"
x-gocache-cachestatus: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15552000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 07 Jul 2024 00:04:54 GMT

GET
H2 200 comment_count.js Show response
www.melhoresdestinos.com.br/wp-content/plugins/disqus-comment-system/public/js/ 889 B
747 B 544ms
544ms Script
application/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.melhoresdestinos.com.br/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.23
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Tue, 09 Jan 2024 00:04:54 GMT
via: 1.1 google
content-encoding: gzip
last-modified: Mon, 22 May 2023 19:36:38 GMT
server: gocache
etag: W/"646bc446-379"
x-gocache-cachestatus: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15552000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 07 Jul 2024 00:04:54 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 436 KB
137 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:34:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12611
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140253
x-xss-protection: 0
server: cafe
etag: 11435206252018266965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 07 Jan 2025 20:34:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
90 KB 66ms
65ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D82YD414R1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTH9XN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9d7ae7860e67c0a1153a48d8e59afc2b7b867f268ad5e7f0ef1573698e3e700

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92431
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 00:04:54 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1056034126/ 3 KB
2 KB 154ms
66ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1056034126/?random=1704758694135&cv=11&fst=1704758694135&bg=ffffff&guid=ON&async=1&gtm=45He4130v6970246&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.melhoresdestinos.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Melhores%20Destinos%20-%20Passagens%20a%C3%A9reas%20baratas&auid=1643858780.1704758694&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTH9XN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bfaa69a85765333493cbb461e93053e387089835ab111e00a82447fc5961eb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 00:04:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1265
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
262 B 45ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-D82YD414R1&gtm=45je4130v9102637177z86970246&_p=1704758693955&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1913333112.1704758694&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704758694&sct=1&seg=0&dl=https%3A%2F%2Fwww.melhoresdestinos.com.br%2F&dt=Melhores%20Destinos%20-%20Passagens%20a%C3%A9reas%20baratas&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2401
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D82YD414R1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 00:04:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.melhoresdestinos.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
262 B 71ms
20ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-D82YD414R1&cid=1913333112.1704758694&gtm=45je4130v9102637177z86970246&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D82YD414R1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 00:04:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.melhoresdestinos.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 49ms
21ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D82YD414R1&cid=1913333112.1704758694&gtm=45je4130v9102637177z86970246&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1355132924

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 00:04:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 216 KB
44 KB 445ms
445ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3553409751408144&correlator=2551662012046268&eid=31080300%2C44807747%2C44777900&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fifs&iu_parts=1014364%2Cmd-super-banner-topo-home%2C300x250-home-q0-celular%2C300x250-home-q1-celular&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=970x250%7C1170x180%7C1170x250%7C1170x250%2C970x250%7C1170x180%7C1170x250%7C1170x250%2C300x250%2C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1704758694314&lmt=1704758694&adxs=315%2C-9%2C-12245933%2C-9&adys=1198%2C-9%2C-12245933%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.melhoresdestinos.com.br%2F&vis=1&psz=1600x2607%7C0x-1%7C300x250%7C0x-1&msz=1600x180%7C0x-1%7C0x0%7C0x-1&fws=4%2C2%2C132%2C2&ohw=1600%2C0%2C1600%2C0&ga_vid=1913333112.1704758694&ga_sid=1704758694&ga_hid=987080069&ga_fc=true&dlt=1704758693934&idt=360&adks=864271270%2C1702509812%2C1071264542%2C1973360883&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a5bff4a8a01dfc05f33cb289e65dc7e09d86ccccd605bf9ec9fed6295417cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45489
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.melhoresdestinos.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A97A 6 KB
3 KB 91ms
25ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.melhoresdestinos.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 00:04:54 GMT
expires: Wed, 08 Jan 2025 00:04:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/1056034126/ 42 B
455 B 48ms
21ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1056034126/?random=1704758694135&cv=11&fst=1704758400000&bg=ffffff&guid=ON&async=1&gtm=45He4130v6970246&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.melhoresdestinos.com.br%2F&frm=0&tiba=Melhores%20Destinos%20-%20Passagens%20a%C3%A9reas%20baratas&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_9PpgR_tPJGEPY-oq7t5l36KoMKlgsQ&random=1182138163&rmt_tld=0&ipr=y

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 00:04:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1056034126/ 42 B
154 B 19ms
19ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1056034126/?random=1704758694135&cv=11&fst=1704758400000&bg=ffffff&guid=ON&async=1&gtm=45He4130v6970246&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.melhoresdestinos.com.br%2F&frm=0&tiba=Melhores%20Destinos%20-%20Passagens%20a%C3%A9reas%20baratas&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_9PpgR_tPJGEPY-oq7t5l36KoMKlgsQ&random=1182138163&rmt_tld=1&ipr=y

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 00:04:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame CB3E 196 KB
56 KB 156ms
34ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 03 Jan 2024 11:48:30 GMT
age: 476184
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 02 Jan 2025 11:48:30 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame CB3E 15 KB
5 KB 225ms
103ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 03 Jan 2024 11:48:30 GMT
age: 476184
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 02 Jan 2025 11:48:30 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame CB3E 95 KB
28 KB 236ms
113ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 03 Jan 2024 11:48:30 GMT
age: 476184
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 02 Jan 2025 11:48:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame CB3E 5 KB
2 KB 227ms
105ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 03 Jan 2024 11:48:31 GMT
age: 476183
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 02 Jan 2025 11:48:31 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame CB3E 40 KB
13 KB 228ms
106ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 05 Jan 2024 11:22:55 GMT
age: 304919
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 04 Jan 2025 11:22:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CB3E 14 KB
2 KB 129ms
46ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jan 2024 00:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 22:46:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jan 2024 00:04:54 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CB3E 3 KB
3 KB 131ms
48ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 04:34:11 GMT
x-content-type-options: nosniff
server: cafe
age: 70243
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Tue, 09 Jan 2024 04:34:11 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CB3E 344 B
448 B 149ms
66ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 21:48:36 GMT
x-content-type-options: nosniff
server: cafe
age: 8178
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 09 Jan 2024 21:48:36 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CB3E 0
0 48ms
47ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTKhFlORoZsDuEvfQoZJBtIIHjHDPj1fVAtxgamqKNkrFJM_pBj_g64GXDU_st3pw5fPU8LybH_MWsEgH3FH6HRjWaR8Q
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10936574020077733544/ Frame CB3E 30 KB
30 KB 149ms
67ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10936574020077733544/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4e0293faeffa17a2ad6181b7a05e45a36f4c1d0a004d34cf4d5e289a8197cd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Mon, 06 Jan 2025 23:00:23 GMT
date: Sun, 07 Jan 2024 23:00:23 GMT
x-content-type-options: nosniff
age: 90271
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30440
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 16:39:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame CB3E 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CB3E 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CB3E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de17ed538010ea04288a5edcd919e706bd4b72f1c43fdff0721c73ba97773f3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C868 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.melhoresdestinos.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 00:04:54 GMT
expires: Wed, 08 Jan 2025 00:04:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 5D16 2 KB
3 KB 125ms
52ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hee4hm0w4t7d512a0s4hzrf5cq62zcenfrrq8wq25wcv94rpm1pk5vmh59m78g9myc2tmnr90fpzvntjqpamnt4wjk2nq04q5gsxktj061zpmmppcz7bq0scfhbsqae5cpde9ax9hvqrmccspmrzggmjkkz9qb07aw9k6gv896kw4qgh2vxka1mfsnedpvxbdsth9bttfkettrfgc0d45c3hqxvk77nm7ghr8ncfder4pcqk0vrgnazqgy8hxa0fwmxgz8gmnhnw2x2fwgd9znt10ev84ed5yeaad7asqwm57j5ar2pddgjf95tzpa32cba50v5655d45g5trg72tjftydj5agf64843h5vdmw2z84jsnpe1wxvtree19vwph97f5wtn0pswc08my54ahk57fpe8m5n1exqqacq5jzpfkj8mnh6vk5q7pjtvksn99ngdkfey4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCajKRpo2cZb2MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0PZFdyzoi1ev7Bcv6nImIChwq8aCl_TLKSV23xK4yiKqi8UuiyA75zyU7r9slQTVPtyvYMVBv1_-1cvbOMbjV6OwSTXFeeHh8xKhbEns0crUjEdfUtrQu8selYWXN9Y14H1b3e9kferepHdUCRumLiE52dCvq63ehChHRdgQC8OtHA9oRXsd9LTULeQx3cHFvszKKVyidxjINifygx9_-iVAiopK-iofgWXtUesk_otIZb7Ds0i_w0WZvFMPfNEBk6oWz0_ej_v3QjZ6gh-gd0Z6JZfyylFD6DB6UX5jENVnxKzbwGeYtvPMuifrnaCTkMskcASYRyCZaQQGGj5X2y0Tc5sRV8E0isFDQZYTo_DYMqcFwthjrCBH1WQuRCtd_spw1jNR1eg863_HTU7pXZosxuYRUB-nbvTWkpECmqem4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3Oedg4HPgwMVKDpVCB3cgwB50BUBgBcB%26num%3D1%26sig%3DAOD64_3COeXIcSXmgR8V1yFe-VG0Uje8_g%26client%3Dca-pub-6120805917655100%26adurl%3D

Requested by

Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39114c025a3e271277ce33529d0d1329690c44e2247460809109dbb1492bb0b6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84286cf35b911d8a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 00:04:54 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame C868 3 KB
1 KB 63ms
47ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:46:25 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D3B7 1 KB
1001 B 114ms
39ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 09 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame C868 20 KB
9 KB 50ms
36ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:46:25 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C868 0
0 43ms
42ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtyXiivCc31Xi8OZ4fjU-xTVW0AIA-8_FNayZN89nKaPtiqo3nkS3E3RiBaLj9-9gXJrobSl9Euw03F3lVIygCe_bVPg
Requested by: Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C868 24 KB
7 KB 57ms
43ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:17:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 308830
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Jan 2025 10:17:44 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C868 205 KB
65 KB 126ms
50ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jan 2024 00:04:54 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame CB3E 33 KB
34 KB 110ms
36ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.melhoresdestinos.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 04:01:15 GMT
x-content-type-options: nosniff
age: 590620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 04:01:15 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame D3B7
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEP5fc1cO8smJ8txW3nr9mC4&google_cver=1&google_push=AXcoOmQ_tJ5v9maj_CJ8a3lZtTIpbPaFn72UH5N3bAyupa9vLmhvCQdIsysRQABCOPtOfaRUDC-8NIGq2tnskX_73w6811beeu_nTA
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODU0Mjk0MDQzNzgwODg0Nzg0MQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP5fc1cO8smJ8txW3nr9mC4&google_cver=1

43 B
398 B

24ms
23ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP5fc1cO8smJ8txW3nr9mC4&google_cver=1
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 09 Jan 2024 00:04:54 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 00:04:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP5fc1cO8smJ8txW3nr9mC4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D3B7
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJO-VRnDyHo8zSu6Kbo2ZGg&google_cver=1&google_push=AXcoOmR2KXGMj6XMX-oCL6X5CFgvpWgbocggZMjiwn7Nvtnjn1RTIs4cik6KzqH9PSy9WXfhY5UovTet3i2yco7EMr0tpky2RLDcng
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F9D91BD4AC174CAB98BE824B1E6736E2&google_push=AXcoOmR2KXGMj6XMX-oCL6X5CFgvpWgbocggZMjiwn7Nvtnjn1RTIs4cik6KzqH9PSy9WXfhY5UovTet3i2yco7...

170 B
232 B

74ms
24ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F9D91BD4AC174CAB98BE824B1E6736E2&google_push=AXcoOmR2KXGMj6XMX-oCL6X5CFgvpWgbocggZMjiwn7Nvtnjn1RTIs4cik6KzqH9PSy9WXfhY5UovTet3i2yco7EMr0tpky2RLDcng

Requested by

Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 00:04:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 09 Jan 2024 00:04:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F9D91BD4AC174CAB98BE824B1E6736E2&google_push=AXcoOmR2KXGMj6XMX-oCL6X5CFgvpWgbocggZMjiwn7Nvtnjn1RTIs4cik6KzqH9PSy9WXfhY5UovTet3i2yco7EMr0tpky2RLDcng
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 00:04:55 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame D3B7 0
174 B 129ms
42ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAoHszBbWJk-Sj-kcpAAC6w&google_cver=1&google_push=AXcoOmTNjRsamBW_3X4LjjMsOQW016_s2HR6i0rU9lNNgOFpYeAgOOk0Rs8lkETqNCPbMVyPdD6YCvr9x9-oxF2X_SV5v31inisgrA
Requested by: Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D3B7
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGerr3RoK0Zs8bfe-Jl88JU&google_cver=1&google_push=AXcoOmSEA8Tkf2bA-ZPdM2tdSzhbcfq3LW3yz7lYir5EYKfptAHFZJTS2Oa5Q8HZahKGFkapUkzWCoOVOXAv8J...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyMTg4Mjg0MjU5ODM0MDc2NA%3D%3D&google_push=AXcoOmSEA8Tkf2bA-ZPdM2tdSzhbcfq3LW3yz7lYir5EYKfptAHFZJTS2Oa5Q8HZahKGFkapUkzWCoOVOXAv8JsnVe...

170 B
188 B

35ms
34ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyMTg4Mjg0MjU5ODM0MDc2NA%3D%3D&google_push=AXcoOmSEA8Tkf2bA-ZPdM2tdSzhbcfq3LW3yz7lYir5EYKfptAHFZJTS2Oa5Q8HZahKGFkapUkzWCoOVOXAv8JsnVeYrU9FTZIb2Sg

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 00:04:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyMTg4Mjg0MjU5ODM0MDc2NA%3D%3D&google_push=AXcoOmSEA8Tkf2bA-ZPdM2tdSzhbcfq3LW3yz7lYir5EYKfptAHFZJTS2Oa5Q8HZahKGFkapUkzWCoOVOXAv8JsnVeYrU9FTZIb2Sg
Date: Tue, 09 Jan 2024 00:04:55 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame D3B7 0
166 B 126ms
40ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELY8q-cmFL1pb3ZUQstnlYI&google_cver=1&google_push=AXcoOmQT9KRQZVyBMUe3diP9azR5eZmi6TvgdgbzGrJZP5s4GYBuExYf8bUmWTIwuUFcGJqLd3zJJb-gE98rYGMT7UVUZSh6PsmUHQ
Requested by: Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 09 Jan 2024 00:04:52 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame D3B7 0
237 B 140ms
54ms Image
text/plain 2600:9000:224a:ce00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEF6oHnQOYzetjGWKRMZOCbo&google_cver=1&google_push=AXcoOmQ9Zp5yTPatfsft4Wb8EYbBpQr0msZI9TnSF3gNFF27ANdEwu7FOwzvYMkHiD_otNvBdMCNwSsxB54JDkS1erOGpmXgtCEn-A
Requested by: Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:ce00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
cache-control: no-cache, must-revalidate
via: 1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: t9edSe2FwnNnRZPzfi6BnuPeOWOo0eUB9j9Euru0VM5YHeDKZ_tDZw==
x-cache: Miss from cloudfront

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D3B7
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEM9njP6IbWCzscfi9rtWWdY&google_cver=1&google_push=AXcoOmTOwFTtFz6QOeIhIHAEpyESeLCAn1aUrSSjcMW7efHnk65j3-A3SbuLypy7AeU_9iFzoalsMu3L2s7AbKWE4yPkXMIye2...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTOwFTtFz6QOeIhIHAEpyESeLCAn1aUrSSjcMW7efHnk65j3-A3SbuLypy7AeU_9iFzoalsMu3L2s7AbKWE4yPkXMIye2_...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzA1MjM4OTkzMjU2NDA4MjA2NDI2MQ%3D%3D&google_push=AXcoOmTOwFTtFz6QOeIhIHAEpyESeLCAn1aUrSSjcMW7efHnk65j3-A3...

170 B
329 B

50ms
23ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzA1MjM4OTkzMjU2NDA4MjA2NDI2MQ%3D%3D&google_push=AXcoOmTOwFTtFz6QOeIhIHAEpyESeLCAn1aUrSSjcMW7efHnk65j3-A3SbuLypy7AeU_9iFzoalsMu3L2s7AbKWE4yPkXMIye2_BiQ

Requested by

Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 00:04:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzA1MjM4OTkzMjU2NDA4MjA2NDI2MQ%3D%3D&google_push=AXcoOmTOwFTtFz6QOeIhIHAEpyESeLCAn1aUrSSjcMW7efHnk65j3-A3SbuLypy7AeU_9iFzoalsMu3L2s7AbKWE4yPkXMIye2_BiQ
date: Tue, 09 Jan 2024 00:04:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D3B7 0
139 B 204ms
19ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KQU-EFwcACjFnhk5RAFkx4RKkP7bRhJhzuDTEZNeKrebbk-IgQMYaHVX2gt0dIqXRuYNYV

Requested by

Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 5D16 115 KB
13 KB 49ms
48ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hee4hm0w4t7d512a0s4hzrf5cq62zcenfrrq8wq25wcv94rpm1pk5vmh59m78g9myc2tmnr90fpzvntjqpamnt4wjk2nq04q5gsxktj061zpmmppcz7bq0scfhbsqae5cpde9ax9hvqrmccspmrzggmjkkz9qb07aw9k6gv896kw4qgh2vxka1mfsnedpvxbdsth9bttfkettrfgc0d45c3hqxvk77nm7ghr8ncfder4pcqk0vrgnazqgy8hxa0fwmxgz8gmnhnw2x2fwgd9znt10ev84ed5yeaad7asqwm57j5ar2pddgjf95tzpa32cba50v5655d45g5trg72tjftydj5agf64843h5vdmw2z84jsnpe1wxvtree19vwph97f5wtn0pswc08my54ahk57fpe8m5n1exqqacq5jzpfkj8mnh6vk5q7pjtvksn99ngdkfey4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCajKRpo2cZb2MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0PZFdyzoi1ev7Bcv6nImIChwq8aCl_TLKSV23xK4yiKqi8UuiyA75zyU7r9slQTVPtyvYMVBv1_-1cvbOMbjV6OwSTXFeeHh8xKhbEns0crUjEdfUtrQu8selYWXN9Y14H1b3e9kferepHdUCRumLiE52dCvq63ehChHRdgQC8OtHA9oRXsd9LTULeQx3cHFvszKKVyidxjINifygx9_-iVAiopK-iofgWXtUesk_otIZb7Ds0i_w0WZvFMPfNEBk6oWz0_ej_v3QjZ6gh-gd0Z6JZfyylFD6DB6UX5jENVnxKzbwGeYtvPMuifrnaCTkMskcASYRyCZaQQGGj5X2y0Tc5sRV8E0isFDQZYTo_DYMqcFwthjrCBH1WQuRCtd_spw1jNR1eg863_HTU7pXZosxuYRUB-nbvTWkpECmqem4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3Oedg4HPgwMVKDpVCB3cgwB50BUBgBcB%26num%3D1%26sig%3DAOD64_3COeXIcSXmgR8V1yFe-VG0Uje8_g%26client%3Dca-pub-6120805917655100%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hee4hm0w4t7d512a0s4hzrf5cq62zcenfrrq8wq25wcv94rpm1pk5vmh59m78g9myc2tmnr90fpzvntjqpamnt4wjk2nq04q5gsxktj061zpmmppcz7bq0scfhbsqae5cpde9ax9hvqrmccspmrzggmjkkz9qb07aw9k6gv896kw4qgh2vxka1mfsnedpvxbdsth9bttfkettrfgc0d45c3hqxvk77nm7ghr8ncfder4pcqk0vrgnazqgy8hxa0fwmxgz8gmnhnw2x2fwgd9znt10ev84ed5yeaad7asqwm57j5ar2pddgjf95tzpa32cba50v5655d45g5trg72tjftydj5agf64843h5vdmw2z84jsnpe1wxvtree19vwph97f5wtn0pswc08my54ahk57fpe8m5n1exqqacq5jzpfkj8mnh6vk5q7pjtvksn99ngdkfey4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCajKRpo2cZb2MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0PZFdyzoi1ev7Bcv6nImIChwq8aCl_TLKSV23xK4yiKqi8UuiyA75zyU7r9slQTVPtyvYMVBv1_-1cvbOMbjV6OwSTXFeeHh8xKhbEns0crUjEdfUtrQu8selYWXN9Y14H1b3e9kferepHdUCRumLiE52dCvq63ehChHRdgQC8OtHA9oRXsd9LTULeQx3cHFvszKKVyidxjINifygx9_-iVAiopK-iofgWXtUesk_otIZb7Ds0i_w0WZvFMPfNEBk6oWz0_ej_v3QjZ6gh-gd0Z6JZfyylFD6DB6UX5jENVnxKzbwGeYtvPMuifrnaCTkMskcASYRyCZaQQGGj5X2y0Tc5sRV8E0isFDQZYTo_DYMqcFwthjrCBH1WQuRCtd_spw1jNR1eg863_HTU7pXZosxuYRUB-nbvTWkpECmqem4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3Oedg4HPgwMVKDpVCB3cgwB50BUBgBcB%26num%3D1%26sig%3DAOD64_3COeXIcSXmgR8V1yFe-VG0Uje8_g%26client%3Dca-pub-6120805917655100%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 149018
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dFNZ1IUHvfX02wQFIyykGAC7loIqzHHAC178Mc%2FZ8z3QFGiSxosZkIoghCnFSm1gwSUVBtK5mAGRJBX4PTBYiEXeBpWKz9Yu91bHU8j5sQfsbtHI7aqmLdo3zzmW2cjtsfk7DWpXUk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 84286cf3bbc91d8a-FRA
expires: Wed, 10 Jan 2024 00:04:55 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 5D16 24 KB
10 KB 47ms
46ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hee4hm0w4t7d512a0s4hzrf5cq62zcenfrrq8wq25wcv94rpm1pk5vmh59m78g9myc2tmnr90fpzvntjqpamnt4wjk2nq04q5gsxktj061zpmmppcz7bq0scfhbsqae5cpde9ax9hvqrmccspmrzggmjkkz9qb07aw9k6gv896kw4qgh2vxka1mfsnedpvxbdsth9bttfkettrfgc0d45c3hqxvk77nm7ghr8ncfder4pcqk0vrgnazqgy8hxa0fwmxgz8gmnhnw2x2fwgd9znt10ev84ed5yeaad7asqwm57j5ar2pddgjf95tzpa32cba50v5655d45g5trg72tjftydj5agf64843h5vdmw2z84jsnpe1wxvtree19vwph97f5wtn0pswc08my54ahk57fpe8m5n1exqqacq5jzpfkj8mnh6vk5q7pjtvksn99ngdkfey4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCajKRpo2cZb2MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0PZFdyzoi1ev7Bcv6nImIChwq8aCl_TLKSV23xK4yiKqi8UuiyA75zyU7r9slQTVPtyvYMVBv1_-1cvbOMbjV6OwSTXFeeHh8xKhbEns0crUjEdfUtrQu8selYWXN9Y14H1b3e9kferepHdUCRumLiE52dCvq63ehChHRdgQC8OtHA9oRXsd9LTULeQx3cHFvszKKVyidxjINifygx9_-iVAiopK-iofgWXtUesk_otIZb7Ds0i_w0WZvFMPfNEBk6oWz0_ej_v3QjZ6gh-gd0Z6JZfyylFD6DB6UX5jENVnxKzbwGeYtvPMuifrnaCTkMskcASYRyCZaQQGGj5X2y0Tc5sRV8E0isFDQZYTo_DYMqcFwthjrCBH1WQuRCtd_spw1jNR1eg863_HTU7pXZosxuYRUB-nbvTWkpECmqem4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3Oedg4HPgwMVKDpVCB3cgwB50BUBgBcB%26num%3D1%26sig%3DAOD64_3COeXIcSXmgR8V1yFe-VG0Uje8_g%26client%3Dca-pub-6120805917655100%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 485403
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Gs7u82nWQVLob9WN8T5C1jP43hHmXlvPDyV%2Fnpw3il8U1yIF0gQ%2BzfPUxSQkVneMlYHUJfWfR2B5FGvpAmaJbKnLX7iCoBa7WxGu44kmfH91g8Unhwjlg53b8axRF7SqpgbEpM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 84286cf3bbca1d8a-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 27 Dec 2023 09:17:16 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 96B5 2 KB
2 KB 44ms
43ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 850883
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 84286cf46c8e9b1f-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Tue, 09 Jan 2024 00:04:55 GMT
expires: Wed, 29 Nov 2023 11:19:10 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jp9ERY7IHGlqWKO%2BGAhpdm6s5p1qkMpkUQMh46FA8NCQsRv2hO5D328AuJvPaf0k%2Fqf32JIE8BQBgdeYApaisgtqjjzUu1pgbQ5jeVs6Ylp3VZtVjH38WqsiY3LLa12KLlURhTs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CB3E 0
0 70ms
69ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ckbclpo2cZbuMFqj01PIP3IeCyAeV5a-XbpXH9NmGEsKTzNruQRABIM7JjxpglYKAgLAHoAG__-moAsgBCakCh6AkN0xisj7gAgCoAwHIAwqqBNwCT9CTaXvRCKWAgGOSExKdzeaNLJn5b3VEVXRNBmRYgC4DQrZqQ8nayenP3QcQ4AXkqGeMEuRtGHfPZmfoWlJre003rKNc3MrAWRzWeZqoQiq9OnwmkBZXkYt2FMPT3l7FQxcNyUSMZNf1NmilT0er180SSFSnbbd0EBFgUQX9u3-0e2Hi7gLmF0Uphcf8ePruWenZGpRZqfQ44shkB9SEeScozahn3KgL2dx_iZ3plxgcvFKcuXZxENQ9_TXbXSX85MHgiEE6QN9MLbxmN6WYvAgfXMG5ajRpRWswoIFA2LofT-vNPeWtlgTrrXDbGG2F6sgMRrJ3raEVwXeUCxwIlq6SykKeOLO3LdSDY1DSrMcZU_10p6iBBlW6oBKS46xsFYkELlvBI8cCZ0aSzrHDfB2F5CxfGvgkWxl1KW1L6l-Ok06oF-_6oravdqxqlxw5Kf7mjstv09cQ6OhFwASCzZbztATgBAGIBfCY5-snoAYugAepgJbXAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcFEJuNrAHSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WLGvnYOBz4MDmgkyaHR0cHM6Ly93d3cuZWlucmljaHR1bmdlbi1icnVja3dpbGRlci5kZS9Ba3Rpb25lbi-ACgPICwGiDAwqCgoIrLqxAru7sQLiDRMI2uedg4HPgwMVKDpVCB3cgwB52BMDiBQD0BUBgBcBshceChwIABIUcHViLTE0ODA4NDQ5NTU5NTk0MDMYrK8G&sigh=ZQBoxvQIOos&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSPAAvHhf__Zan-qG0Itetjw60u_LkSDNVsIJjPz2LQ0WXWRQelx_aSe2e40iutcB5QjWFlG1vdb-adhgLbBgB&template_id=5000&cbvp=2
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C868 0
0 65ms
64ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ciy3mpo2cZb2MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEvwJP0PZFdyzoi1ev7Bcv6nImIChwq8aCl_TLKSV23xK4yiKqi8UuiyA75zyU7r9slQTVPtyvYMVBv1_-1cvbOMbjV6OwSTXFeeHh8xKhbEns0crUjEdfUtrQu8selYWXN9Y14H1b3e9kferepHdUCRumLiE52dCvq63ehChHRdgQC8OtHA9oRXsd9LTULeQx3cHFvszKKVyidxjINifygx9_-iVAiopK-iofgWXtUesk_otIZb7Ds0i_w0WZvFMPfNEBk6oWz0_ej_v3QjZ6gh-gd0Z6JZfyylFD6DB6UX5jENVnxKzbwGeYtvPMuifrnaCTkMskcASYRyCZaQQGGj5X2y0Tc5sRV8E0isFDQZYTo_DYMqcFwthjrGJF9Pb5vawdNk04QOkYRxoF_3VqR2DxgBruj3TpxAGLdiEKDdHK4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MDgAoD-gsCCAGADAHiDRMI3Oedg4HPgwMVKDpVCB3cgwB50BUBgBcBshccChoSFHB1Yi02MTIwODA1OTE3NjU1MTAwGKyvBg&sigh=N4AkUQqs-9c&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf__Zan-qG0Itetjw60u_LkSDNVsIJjPz2LQ0WXWRQelx_aSe2e40iutcB5QjWFlG1vdb-adhgLbBgB&cbvp=2&vis=1
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame C868 0
103 B 50ms
22ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hyyhy3wm2d7tnx2fby6q043mw5h00kxszqescmaggrd83fg0mv6va2aft9gecx8aj49c822az0gyqa76tf43cbpma3stk0nzy9ejsttys790swe3nzgkm4qxxz671y2g6807smvr9nq83dmb1s719pjs3aqe4zb5dwy1gjc8n2rcgmpwfm92yktmnb0k42arez9gf98vpq4fj2k7nqz6zv88wscqdmvw2jmjadjm7yxb9qnhdpqdcfewmnjeyyb9xaj2ch12cmcwrqwx17cnqbga02gqv9wqykdmhxpne55nwjqgqr1v4225x2bbhcdhawk2wqga7988sy5x8v3cx192vxb7yt29m1xbdz66mdstk7b27pvsjqykx8y0wm5a0n00hw5n7gr6a8&b=ZZyNpgAFhj0IVTooAACD3EOeHCdIg65XxjymBw&cbvp=2
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Jan 2024 00:04:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 47ms
31ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84286cf4cd598ff5-FRA
content-length: 24
content-type: text/plain
date: Tue, 09 Jan 2024 00:04:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aieFcjecPFxNqADHYtb%2Fs%2BjudXoqIY%2FHsWxdUhlAw15bEXlBezqWW0Sw58gAsSIHzcd1QMu9sDTgobe%2F4vYZKrUH4lELc%2FHxDqfhRqMo09bpWYcvGM9nbRa57StoBndcRvYrp2E%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-7gmt

POST
H3 200 rs Show response
ad4m.at/ Frame 5D16 2 KB
2 KB 49ms
49ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e043996a9801fe2e7d0887608fd2f7cc439fa907e44010f6b01769bc392bef81

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSB%2BDpIguoseNI0dpU43cetNjdGQblUj3O9PpXnCDBr0auZofttDbRW9j2fPLfXHccRVmdr%2F1Ap1qEKmsnq3x%2Fc2WUlpjjpdykPHZhHkWvKmTawiTYJ6wJPS%2FZRVfIdVoXgth5Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 84286cf50d708ff5-FRA
x-backend-server: aa-reachservice-group-europe-west1-7gmt
alt-svc: h3=":443"; ma=86400

GET
H3 200 container.html Show response
5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F345 6 KB
3 KB 26ms
26ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.melhoresdestinos.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 00:04:54 GMT
expires: Wed, 08 Jan 2025 00:04:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 84AE 6 KB
3 KB 25ms
25ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.melhoresdestinos.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 00:04:54 GMT
expires: Wed, 08 Jan 2025 00:04:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 3595 10 KB
5 KB 46ms
46ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=34719%2C117569%2C22451&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=300&d=250&e=&g=3e2445f27605b758fa02d6fb44e6a8d9%2F11117739943320941839&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695216&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7rz37kenrq7ky69x04kfrp79kngzzdk3v480gnngwe1426vtvh4yx9raew81fh003sz09zbwcwj6zbsfyvxxvszzrxh9hbzckp6s3argg3gvnq0ev19zpkcpkz1x2qc7pgbezngxad8eygqa6vxccf63xbyhtvemqh3y12ehrcywe61m19nf7b4a04xmw8sb2nye7my8172b0tf7fn107ha2wrj0sc6a3hb461gyc6fnxd9aacb76tkn0sn91jxdz8428gskkhvtmmpagdmmw3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCajKRpo2cZb2MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0PZFdyzoi1ev7Bcv6nImIChwq8aCl_TLKSV23xK4yiKqi8UuiyA75zyU7r9slQTVPtyvYMVBv1_-1cvbOMbjV6OwSTXFeeHh8xKhbEns0crUjEdfUtrQu8selYWXN9Y14H1b3e9kferepHdUCRumLiE52dCvq63ehChHRdgQC8OtHA9oRXsd9LTULeQx3cHFvszKKVyidxjINifygx9_-iVAiopK-iofgWXtUesk_otIZb7Ds0i_w0WZvFMPfNEBk6oWz0_ej_v3QjZ6gh-gd0Z6JZfyylFD6DB6UX5jENVnxKzbwGeYtvPMuifrnaCTkMskcASYRyCZaQQGGj5X2y0Tc5sRV8E0isFDQZYTo_DYMqcFwthjrCBH1WQuRCtd_spw1jNR1eg863_HTU7pXZosxuYRUB-nbvTWkpECmqem4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3Oedg4HPgwMVKDpVCB3cgwB50BUBgBcB%2526num%253D1%2526sig%253DAOD64_3COeXIcSXmgR8V1yFe-VG0Uje8_g%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0241f000f7b3a725165ba6e53d133cd14708b3697f7d6d54b697b310a2288efd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hee4hm0w4t7d512a0s4hzrf5cq62zcenfrrq8wq25wcv94rpm1pk5vmh59m78g9myc2tmnr90fpzvntjqpamnt4wjk2nq04q5gsxktj061zpmmppcz7bq0scfhbsqae5cpde9ax9hvqrmccspmrzggmjkkz9qb07aw9k6gv896kw4qgh2vxka1mfsnedpvxbdsth9bttfkettrfgc0d45c3hqxvk77nm7ghr8ncfder4pcqk0vrgnazqgy8hxa0fwmxgz8gmnhnw2x2fwgd9znt10ev84ed5yeaad7asqwm57j5ar2pddgjf95tzpa32cba50v5655d45g5trg72tjftydj5agf64843h5vdmw2z84jsnpe1wxvtree19vwph97f5wtn0pswc08my54ahk57fpe8m5n1exqqacq5jzpfkj8mnh6vk5q7pjtvksn99ngdkfey4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCajKRpo2cZb2MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0PZFdyzoi1ev7Bcv6nImIChwq8aCl_TLKSV23xK4yiKqi8UuiyA75zyU7r9slQTVPtyvYMVBv1_-1cvbOMbjV6OwSTXFeeHh8xKhbEns0crUjEdfUtrQu8selYWXN9Y14H1b3e9kferepHdUCRumLiE52dCvq63ehChHRdgQC8OtHA9oRXsd9LTULeQx3cHFvszKKVyidxjINifygx9_-iVAiopK-iofgWXtUesk_otIZb7Ds0i_w0WZvFMPfNEBk6oWz0_ej_v3QjZ6gh-gd0Z6JZfyylFD6DB6UX5jENVnxKzbwGeYtvPMuifrnaCTkMskcASYRyCZaQQGGj5X2y0Tc5sRV8E0isFDQZYTo_DYMqcFwthjrCBH1WQuRCtd_spw1jNR1eg863_HTU7pXZosxuYRUB-nbvTWkpECmqem4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3Oedg4HPgwMVKDpVCB3cgwB50BUBgBcB%26num%3D1%26sig%3DAOD64_3COeXIcSXmgR8V1yFe-VG0Uje8_g%26client%3Dca-pub-6120805917655100%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84286cf56ccf9b1f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 00:04:55 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 symbol-defs.svg
www.melhoresdestinos.com.br/wp-content/themes/md2023/img/ 18 KB
7 KB 227ms
224ms Other
image/svg+xml 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.melhoresdestinos.com.br/wp-content/themes/md2023/img/symbol-defs.svg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: bd41bcb64339dafed9f5d2864f6195cb2939f54f3bc55e511d9aa3b4b6072ed5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Tue, 09 Jan 2024 00:04:55 GMT
via: 1.1 google
content-encoding: gzip
last-modified: Mon, 13 Nov 2023 02:59:29 GMT
server: gocache
etag: W/"65519111-46ce"
x-gocache-cachestatus: HIT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=15552000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 07 Jul 2024 00:04:55 GMT

GET
H2 200 bghometeste.png
www.melhoresdestinos.com.br/wp-content/themes/md2023/img/ 340 KB
340 KB 300ms
299ms Image
image/webp 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/themes/md2023/img/bghometeste.png
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: c19742cd5bd579c79780439356b4237f0a35453c3de08f0272b99d00a4ea9bb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Tue, 09 Jan 2024 00:04:55 GMT
via: 1.1 google
x-gocache-image: optimized
last-modified: Tue, 07 Nov 2023 03:29:00 GMT
server: gocache
etag: "6549aefc-14835d"
x-gocache-cachestatus: HIT
content-type: image/webp
cache-control: max-age=15552000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 347876
expires: Sun, 07 Jul 2024 00:04:55 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
355 B 98ms
42ms Ping
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.melhoresdestinos.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 00:04:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.melhoresdestinos.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
100 B 99ms
43ms Ping
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.melhoresdestinos.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 00:04:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.melhoresdestinos.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 the-beach-sao-roque-praia-capa-01-377x198.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2024/01/ 25 KB
25 KB 443ms
441ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2024/01/the-beach-sao-roque-praia-capa-01-377x198.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: d494f38c0b8a6df4239ed1f71c5b4e5da2f65dc160403e26c1587d0754c860ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
x-gocache-image: unmodified
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPrlNqyP44246ihyUqqiCs5Xb81JzRbl__UjPUH-rVqUNnQDpo8QcOO0QFbJf3NBOGmhb96yfkMjgBSF9-IXEoQevQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25193
x-goog-meta-height: 198
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Mon, 08 Jan 2024 13:21:52 GMT
x-goog-meta-child-of: 438272
server: gocache
etag: "a8a4473dd80748c2352df3fc5cea3a36"
x-goog-generation: 1704720112887657
content-type: image/jpeg
x-goog-hash: crc32c=6APDeg==, md5=qKRHPdgHSMI1LfP8XOo6Ng==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-stored-content-length: 25193
accept-ranges: bytes
x-goog-meta-size: thumb_home
expires: Sun, 07 Jul 2024 00:04:55 GMT

GET
H2 200 passagens-aereas-curitiba-capa2019-04-377x198.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2019/02/ 25 KB
26 KB 478ms
475ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2019/02/passagens-aereas-curitiba-capa2019-04-377x198.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: bb9d01c107e3e112dd88b6996d0767503b0be11b76254749cc2e97992e7243c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPrrt6Fsulo0Qr4_Uo3rAr4UhIa75LknSKOmnNk7Zm_evSTg5So-BtlY-s8xAbbScNrywHnCtsXyeE1N6KQdHvX4ZQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-meta-object-id: 151355
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25506
x-goog-meta-height: 198
x-goog-meta-file-hash: 89755c65e0af2b244872460f5a750594
last-modified: Wed, 24 Jul 2019 00:39:23 GMT
x-goog-meta-child-of: 151355
server: gocache
etag: "60ea230fe70b681a77939fac968917cb"
x-goog-generation: 1563928763868232
content-type: image/jpeg
x-goog-hash: crc32c=O/XJPw==, md5=YOojD+cLaBp3k5+slokXyw==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-meta-source-id: 82bb2cd8e524b6c2293a2b98fdff1551
x-goog-stored-content-length: 25506
accept-ranges: bytes
expires: Sun, 07 Jul 2024 00:04:55 GMT

GET
H2 200 cartoes-caixa-capa2019-01-377x198.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2020/06/ 22 KB
23 KB 308ms
306ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2020/06/cartoes-caixa-capa2019-01-377x198.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: f6d557e9212aa657a54ff5da7b10ea0fd2c8f6268c34481b911b0547a6b08507

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPq1DAt23bxXkdTXWhv10m1mhOMH3CfwrXs9wsK-tWCRS8KV4Y9TV7BYO-T72ZBQC58F-uJHZ5YTDtlLBL266x5jwg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22983
x-goog-meta-height: 198
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Tue, 23 Jun 2020 14:56:27 GMT
x-goog-meta-child-of: 219016
server: gocache
etag: "5820b1f5825f20f64ec6afa8d612018a"
x-goog-generation: 1592924187183281
content-type: image/jpeg
x-goog-hash: crc32c=Bb9N2Q==, md5=WCCx9YJfIPZOxq+o1hIBig==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-stored-content-length: 22983
accept-ranges: bytes
expires: Sun, 07 Jul 2024 00:04:55 GMT

GET
H2 200 franca-paris-2022-capa-377x198.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2022/03/ 21 KB
22 KB 478ms
476ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2022/03/franca-paris-2022-capa-377x198.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: bee2308613e447e2fc46fa24cd2826eabbf9731ed9eaccbdbc6eabf961f417c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPrgwDtSOwnhC0d91oB_muSohwOGKpElaJQcNt181B8mJrCnqwduhqH2hkgT9VZ6vAgFvFxqQHO6incdc2gkxycgcQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21759
x-goog-meta-height: 198
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Fri, 11 Mar 2022 13:42:21 GMT
x-goog-meta-child-of: 321561
server: gocache
etag: "695590b40c76d677c1f69390d1545520"
x-goog-generation: 1647006141850045
content-type: image/jpeg
x-goog-hash: crc32c=VXjEdw==, md5=aVWQtAx21nfB9pOQ0VRVIA==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-stored-content-length: 21759
accept-ranges: bytes
x-goog-meta-size: thumb_home
expires: Sun, 07 Jul 2024 00:04:55 GMT

GET
H2 200 construcao-monotrilho-aeroporto-guarulhos-capa-01-377x198.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2021/08/ 18 KB
19 KB 479ms
477ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2021/08/construcao-monotrilho-aeroporto-guarulhos-capa-01-377x198.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: 54e6e8bbe43012e803c5a20496abbe9ab8f670076b49a9bbdc3940e53e3a45fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPpc9Y5T1_i9lcHNHArLUQOgM60VgiE5-o61a2MRnTF5-0rU19OTabyKCJKEzkY-k9g8xNeHWyHTe79en_JGtVHimg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18399
x-goog-meta-height: 198
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Mon, 09 Aug 2021 21:06:17 GMT
x-goog-meta-child-of: 294614
server: gocache
etag: "ad09bef6a74794be41c27817d70c1f8e"
x-goog-generation: 1628543177397479
content-type: image/jpeg
x-goog-hash: crc32c=dxk1Kw==, md5=rQm+9qdHlL5BwngX1wwfjg==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-stored-content-length: 18399
accept-ranges: bytes
x-goog-meta-size: thumb_home
expires: Sun, 07 Jul 2024 00:04:55 GMT

GET
H2 200 capa-sky-avaliacao-377x189.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2018/09/ 8 KB
9 KB 315ms
313ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2018/09/capa-sky-avaliacao-377x189.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: dbcdee701e2b6c28831c62f077f9f8a10a7cf95763de0b1e6898d163e7f6730a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
x-gocache-image: unmodified
x-gocache-cachestatus: HIT
x-guploader-uploadid: ADPycdtrzCI9bWXYG7RCCd0xLHrftAjbDPRL5mqx4fU67B5LGVSKImexZTYAIhZ90M4AhWmrFp9VHIixpNfeaI8a5SsAkD4qog_S
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-meta-object-id: 134269
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8452
x-goog-meta-height: 189
x-goog-meta-file-hash: 0145d39bfc56ce1f152cfcd623243828
last-modified: Wed, 24 Jul 2019 07:33:49 GMT
x-goog-meta-child-of: 134269
server: gocache
etag: "03a0e2b3b99f17ec2bfdd24d0a3f18f2"
x-goog-generation: 1563953629729736
content-type: image/jpeg
x-goog-hash: crc32c=pfC02w==, md5=A6Dis7mfF+wr/dJNCj8Y8g==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-meta-source-id: 2df4670926d48d662097534997a915b3
x-goog-stored-content-length: 8452
accept-ranges: bytes
expires: Sun, 07 Jul 2024 00:04:55 GMT

GET
H2 200 pagol-capa-03-377x198.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2023/09/ 19 KB
20 KB 327ms
325ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2023/09/pagol-capa-03-377x198.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: 78d3c2876aac4b579ee6f4342257b98eed49dab231dd3400ee199eb6b31d6084

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
x-gocache-image: unmodified
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPr4MIeHyitmlN_UlmsUSOiYejLLbhjCDe6ZmgX-XEe6bW5Ig-gUaUX5N__Ty_hEc0z6nfosDIvsqVcEH5wQ9AF-ZQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19783
x-goog-meta-height: 198
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Mon, 04 Sep 2023 13:44:04 GMT
x-goog-meta-child-of: 415046
server: gocache
etag: "fc11ce5b2b30fbb3d4d5a657399f59d1"
x-goog-generation: 1693835043986072
content-type: image/jpeg
x-goog-hash: crc32c=wUEvSA==, md5=/BHOWysw+7PU1aZXOZ9Z0Q==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-stored-content-length: 19783
accept-ranges: bytes
x-goog-meta-size: thumb_home
expires: Sun, 07 Jul 2024 00:04:55 GMT

GET
H2 200 parque-aquatico-olimpia-thermas-dos-laranjais-capa-02-377x198.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2022/02/ 36 KB
37 KB 373ms
371ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2022/02/parque-aquatico-olimpia-thermas-dos-laranjais-capa-02-377x198.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: 55b0facbbd33cdcaec7bf4b9581c54b17dce86b509d3bec0d62cf495d8389d55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-guploader-uploadid: ADPycdsEXxmcarrnYjizUplH1dS2j65hASM7baPe29pUeU-ZqKXF79uhCP7Yh9GhHgdf2B7x5RGDKx-mbYOolYNvf2DW2g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36982
x-goog-meta-height: 198
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Fri, 25 Feb 2022 19:26:32 GMT
x-goog-meta-child-of: 319548
server: gocache
etag: "0d216e88fa6cfec2b9d2f9bff226d829"
x-goog-generation: 1645817191981058
content-type: image/jpeg
x-goog-hash: crc32c=By3V7Q==, md5=DSFuiPps/sK50vm/8ibYKQ==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-stored-content-length: 36982
accept-ranges: bytes
x-goog-meta-size: thumb_home
expires: Sun, 07 Jul 2024 00:04:55 GMT

GET
H2 200 erros-resorts-all-inclusive-capa-01-377x198.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2022/01/ 22 KB
23 KB 393ms
392ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2022/01/erros-resorts-all-inclusive-capa-01-377x198.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: fccf6d5c132d780bdf2205a2d84c9767c18eb557cdd1aeda57b4adcded376c3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPqBShtwEEFoL-wHWYljwI6zdvVGxn7y9WCaUR3eO5lecc_siI6FUfIZKZTkPF3T9QqPE1H6B_N5CqfY0CbQZOvJBg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22383
x-goog-meta-height: 198
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Thu, 20 Jan 2022 01:01:31 GMT
x-goog-meta-child-of: 314659
server: gocache
etag: "cb12d600b43b4f7b243a20e2fa0ca81e"
x-goog-generation: 1642640491015467
content-type: image/jpeg
x-goog-hash: crc32c=LG0RnA==, md5=yxLWALQ7T3skOiDi+gyoHg==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-stored-content-length: 22383
accept-ranges: bytes
x-goog-meta-size: thumb_home
expires: Sun, 07 Jul 2024 00:04:55 GMT

GET
H2 200 carnaval-rua-rio-de-janeiro-377x198.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2024/01/ 36 KB
36 KB 447ms
445ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2024/01/carnaval-rua-rio-de-janeiro-377x198.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: 5d1f34f036a2ecabf25f8fa9b21215f08120283353f3b7d604b12faebde4d728

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
x-gocache-image: unmodified
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPrzqUqwbxPqqGYsBmSxlzUmDtUACUS1Ak7w1eCXuiv-fWlIVb3zAY9JhNPa2-4SqzNOx2SmIUUKAR30PJ8OWXsEBQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36463
x-goog-meta-height: 198
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Fri, 05 Jan 2024 15:24:21 GMT
x-goog-meta-child-of: 437978
server: gocache
etag: "ced464abece200b529194acf673a7fe6"
x-goog-generation: 1704468261579196
content-type: image/jpeg
x-goog-hash: crc32c=HUEMmQ==, md5=ztRkq+ziALUpGUrPZzp/5g==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-stored-content-length: 36463
accept-ranges: bytes
x-goog-meta-size: thumb_home
expires: Sun, 07 Jul 2024 00:04:55 GMT

GET
H2 200 parque-mundo-criancas-capa-01-377x198.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2024/01/ 21 KB
22 KB 452ms
451ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2024/01/parque-mundo-criancas-capa-01-377x198.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: abef335c19de776a01ce823a7e494e946d0c0368529057b25b943cc5a711e1d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
x-gocache-image: unmodified
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPrViL3UGIt6grW8VLBP5gWoGR5el8bXjKrqWr0O3dtdJRRBhACdWkOozfXt3JkjHWQcoM_1-pGDZkLg6kbLTm2hL_Am0GQ3
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21322
x-goog-meta-height: 198
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Tue, 02 Jan 2024 17:09:51 GMT
x-goog-meta-child-of: 437425
server: gocache
etag: "38247577712fd940d8422abfa986ae98"
x-goog-generation: 1704215391529924
content-type: image/jpeg
x-goog-hash: crc32c=3TxKBA==, md5=OCR1d3Ev2UDYQiq/qYaumA==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-stored-content-length: 21322
accept-ranges: bytes
x-goog-meta-size: thumb_home
expires: Sun, 07 Jul 2024 00:04:55 GMT

GET
H2 200 cartoes-credito-caixa-capa-377x198.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2022/03/ 12 KB
12 KB 450ms
449ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2022/03/cartoes-credito-caixa-capa-377x198.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: b6a6b0e8881ca010843433eb6e650353f93672a522fecea39168b6c817d18fca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPoTWGxiLxIZr4Yhp5XuuR81Rvo5StyQO01s0ChQfVxgdsEfa5-DvQ76QyGTqsuZVqBTZtRb6CMMmbYL4uNRNE8uTQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11877
x-goog-meta-height: 198
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Tue, 08 Mar 2022 23:59:27 GMT
x-goog-meta-child-of: 321224
server: gocache
etag: "dcf1b0ad5368cfdcfcd007b4146af6da"
x-goog-generation: 1646783967548385
content-type: image/jpeg
x-goog-hash: crc32c=kEC1bQ==, md5=3PGwrVNoz9z80Ae0FGr22g==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-stored-content-length: 11877
accept-ranges: bytes
x-goog-meta-size: thumb_home
expires: Sun, 07 Jul 2024 00:04:55 GMT

GET
H2 200 morro-de-sao-paulo-bahia-capa-1-377x198.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2022/02/ 13 KB
14 KB 453ms
452ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2022/02/morro-de-sao-paulo-bahia-capa-1-377x198.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: d83245ccaecdf979547f528f38c90b30dff15f7b95d5e8ce4520df844c57f3e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
x-gocache-image: unmodified
x-gocache-cachestatus: HIT
x-guploader-uploadid: ADPycdtlCBfYvLXm2JwamI1q35C-YGtuSJkqqaUKhOyj3KqugJZzG_1Da9PSUlzTMh-dkS0mv9MkKRnzKd43_WPZYBU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13626
x-goog-meta-height: 198
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Tue, 01 Feb 2022 23:58:00 GMT
x-goog-meta-child-of: 316520
server: gocache
etag: "46b4f4a2f4b7cf28c70a0f8cfca01086"
x-goog-generation: 1643759880573023
content-type: image/jpeg
x-goog-hash: crc32c=PlkAVA==, md5=RrT0ovS3zyjHCg+M/KAQhg==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-stored-content-length: 13626
accept-ranges: bytes
x-goog-meta-size: thumb_home
expires: Sun, 07 Jul 2024 00:04:55 GMT

GET
H2 200 parque-peppa-pig-capa-377x198.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2024/01/ 26 KB
27 KB 467ms
466ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2024/01/parque-peppa-pig-capa-377x198.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: 3e8f163d5037ff5c937e1e211ec4e7668b365c0ba4d408d1d6c7a3bebcaddbb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
x-gocache-image: unmodified
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPrQI6Y21VR_5F9_GltjsInOO4gJYnn1rndMwuVmF-ava3RKcqPT7OVMgc_dMANZkBDU_iWiX_cYWIZhtnk3frHm_g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26550
x-goog-meta-height: 198
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Fri, 05 Jan 2024 20:41:12 GMT
x-goog-meta-child-of: 438120
server: gocache
etag: "549f331d65da7e2e758ef614d1136f3e"
x-goog-generation: 1704487272662797
content-type: image/jpeg
x-goog-hash: crc32c=HgEYUg==, md5=VJ8zHWXafi51jvYU0RNvPg==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-stored-content-length: 26550
accept-ranges: bytes
x-goog-meta-size: thumb_home
expires: Sun, 07 Jul 2024 00:04:55 GMT

GET
H2 200 viagem-visto-brasil-capa-377x198.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2023/12/ 12 KB
13 KB 504ms
503ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2023/12/viagem-visto-brasil-capa-377x198.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: d4891d555d3e2614743bcaf3d18c1cf1c318dc141591da1fba60602d2786648c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
x-gocache-image: unmodified
age: 996
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPp1-7Tn1xTGwupGqRvlLbhWqqCv-2YXox3oyrvYxNV3t1C_i_jjkgNICj7Jy_MvE5N_jMP_q9mhMgnG_L0m8fFP-w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12311
x-goog-meta-height: 198
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Thu, 07 Dec 2023 11:45:11 GMT
x-goog-meta-child-of: 434392
server: gocache
etag: "8d5752b28298c27b85cd2963658763af"
x-goog-generation: 1701949511388665
content-type: image/jpeg
x-goog-hash: crc32c=f3ynag==, md5=jVdSsoKYwnuFzSljZYdjrw==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-stored-content-length: 12311
accept-ranges: bytes
x-goog-meta-size: thumb_home
expires: Sun, 07 Jul 2024 00:04:55 GMT

GET
H2 200 a320-latam-capa-02-377x198.jpg
www.melhoresdestinos.com.br/wp-content/uploads/2021/11/ 15 KB
16 KB 493ms
492ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/uploads/2021/11/a320-latam-capa-02-377x198.jpg
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: 0423b55445020d5ff4daba96c2b325caac0bf64e68cf7087977e8488cf2bb3d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
x-gocache-image: unmodified
x-gocache-cachestatus: HIT
x-guploader-uploadid: ABPtcPqxgUhWiEF2odOovIyunVciEalipBdDIUboqqGjOpHxAk_J08lakzvhYYRBIH0BvNk7j22XVSrbz9chEKgrXe0--g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15730
x-goog-meta-height: 198
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Wed, 17 Nov 2021 13:27:46 GMT
x-goog-meta-child-of: 306851
server: gocache
etag: "2d40431a871c2c0acaa99940e56a8de4"
x-goog-generation: 1637155666230003
content-type: image/jpeg
x-goog-hash: crc32c=4pINXg==, md5=LUBDGoccLArKqZlA5WqN5A==
x-goog-meta-width: 377
cache-control: max-age=15552000
x-goog-stored-content-length: 15730
accept-ranges: bytes
x-goog-meta-size: thumb_home
expires: Sun, 07 Jul 2024 00:04:55 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 86ms
33ms Script
application/javascript 18.245.60.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-72.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 02:10:01 GMT
content-encoding: gzip
via: 1.1 5cf26f8164e0cad37f6634ff6aeac4ce.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 78895
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: gglajH7SqvwOgYOpZol_87J9XjJNgBqm9-g6YkBGP2iREdJWFtMmtw==

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 51 KB
18 KB 80ms
29ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 83c03c13ae512aeaf45b9a54c62dad09b5d833edae4f2459d3f71f2a3f2744aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-664
cdn-cachedat: 01/08/2024 14:07:46
cdn-pullzone: 293267
last-modified: Tue, 12 Dec 2023 19:57:29 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6578bb29-cb9a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 0c977661e3452723ecf6ce0acff5f7c2
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK count.js Show response
melhoresdestinos.disqus.com/ 1 KB
2 KB 118ms
38ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://melhoresdestinos.disqus.com/count.js

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.23

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 00:04:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=300; includeSubdomains
X-Amz-Cf-Pop: DFW3-C1
Age: 140
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Jan 2024 14:37:25 GMT
Server: nginx
ETag: "65941fa5-367"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: Pl_V38_XD4Ct4UvT569BhBLfdYFv1lNEZBsbmeRt1gIo5dva2w_E7w==

GET
H2 200 www.melhoresdestinos.com.br.json Show response
script.crazyegg.com/pages/data-scripts/0070/3630/site/ 6 KB
2 KB 93ms
44ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0070/3630/site/www.melhoresdestinos.com.br.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0070/3630.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a93653f7ddd0ae1176ac8871a71881b7c7118f5204b9023b7600be8095fd5607

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 23505
ce-version: 11.5.164
content-length: 1903
last-modified: Mon, 08 Jan 2024 17:33:10 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84286cf5db8c30c4-FRA

GET
H2 200 wp-emoji-release.min.js Show response
www.melhoresdestinos.com.br/wp-includes/js/ 18 KB
5 KB 482ms
482ms Script
application/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.melhoresdestinos.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Tue, 09 Jan 2024 00:04:55 GMT
via: 1.1 google
content-encoding: gzip
last-modified: Tue, 25 Jul 2023 17:39:43 GMT
server: gocache
etag: W/"64c008df-4904"
x-gocache-cachestatus: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15552000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 07 Jul 2024 00:04:55 GMT

GET
H2 200 viajanet Show response
passagensaereas.melhoresdestinos.com.br/api/v1/locations/origins/packages/ 27 KB
6 KB 653ms
484ms XHR
application/json 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://passagensaereas.melhoresdestinos.com.br/api/v1/locations/origins/packages/viajanet

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/wp-content/themes/md2023/js23/base.js?ver=2023-011a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

69ccdd447bc1d155946f97677fe8eae7b918cbc5da19ca3be25703008c4896e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
access-control-request-method: get, post
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: gzip
x-permitted-cross-domain-policies: none
content-length: 5807
x-xss-protection: 1; mode=block
x-request-id: 85491d17-6fe8-4c97-8555-b20970bb0100
x-runtime: 0.194873
referrer-policy: strict-origin-when-cross-origin
server: Google Frontend
etag: W/"69ccdd447bc1d155946f97677fe8eae7"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 17a53aa481c9fc3db68187ace07e9472/11783923467288758194;o=0
cache-control: max-age=240, public

GET
H2 200 categories Show response
passagensaereas.melhoresdestinos.com.br/api/v1/twd/web/ 4 KB
2 KB 358ms
194ms XHR
application/json 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://passagensaereas.melhoresdestinos.com.br/api/v1/twd/web/categories

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/wp-content/themes/md2023/js23/base.js?ver=2023-011a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

775756b9835fbe95c96fdb3ac527b7a4142efeb50d97842c25b1444409dce482

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
access-control-request-method: get, post
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: gzip
x-permitted-cross-domain-policies: none
content-length: 1099
x-xss-protection: 1; mode=block
x-request-id: b814014f-f470-4a91-9b48-c1cb3a458380
x-runtime: 0.040916
referrer-policy: strict-origin-when-cross-origin
server: Google Frontend
etag: W/"775756b9835fbe95c96fdb3ac527b7a4"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: e5224cad23d776da7a9aea9b92a72edd/2275684757941538706;o=0
cache-control: max-age=240, public

GET
H2 200 loading.gif
www.melhoresdestinos.com.br/wp-content/themes/md2018/img/ 40 KB
40 KB 487ms
487ms Image
image/gif 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.melhoresdestinos.com.br/wp-content/themes/md2018/img/loading.gif
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: 7926afc46adb0fc7f96fefcb624f9fef65b163cbb70e289755785c133fc5c1a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Tue, 09 Jan 2024 00:04:55 GMT
via: 1.1 google
x-gocache-image: unmodified
last-modified: Wed, 20 Apr 2022 20:52:49 GMT
server: gocache
etag: "626072a1-9ed5"
x-gocache-cachestatus: HIT
content-type: image/gif
cache-control: max-age=15552000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40661
expires: Sun, 07 Jul 2024 00:04:55 GMT

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 297B 2 KB
3 KB 45ms
44ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h4mcgmt1jme0qbxszhasejfjs3txyh7n9552wy86ysmz61yp56dmkf2me83v2axgvw5ab8wp7bd3fndk79615ett8d1vmrrwrvzgjgxy8k7hb0m6g6xhcmyv1pesw6b5t9adywrv6605jg1cnamss6a6s1cz0h4758hbw9j9wtwwxhaxr9zmy6kdyx5p3x45130qtm9ahcjaagxsp76d5z13nyfc0c5va8an4s3jk4axvvrhade7wdjz4vabvra9wjsh7h979qk1by3bgsy6ppsex8a43c1qgjmh069j94kw4z4y1adv5n98rx1m82mj4s7shhak0wamzghcbrp0x2a924smd4k2ma3jvmrx6whx7242w0ayqc1t2qcqpy0d35km80nhyv2j8wpn4qtqj7bwpyre14wx57a755t4vrj0trsx96f4bc4zcmhdycnpggesm7f&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%26num%3D1%26sig%3DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%26client%3Dca-pub-6120805917655100%26adurl%3D

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4adfe4ec2503e63e6c2272bccecfcb813579ae261765f93a32a7edc7ab7914f7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84286cf5acda9b1f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 00:04:55 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame 8A17 3 KB
1 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:46:25 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5FE3 1 KB
682 B 20ms
19ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 09 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame 8A17 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:46:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8A17 0
0 30ms
29ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSe4xeoDPmgf4Uzajlju6-XwvvOoz1i7kZeDjXtG1iL1H9r47c_nlgRRZ1gsVvHPORn6xYFcNV8PDfxdxPiQO0rpH6mcQ
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8A17 24 KB
6 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:17:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 308831
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Jan 2025 10:17:44 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A17 205 KB
65 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jan 2024 00:04:55 GMT

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame F358 2 KB
3 KB 73ms
72ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hzj67jjy60wdxe6x67422ngjs726rg8m6gnwa0g5t442tmvgn9nz8556hznc0s2k8bvyg8ncc3bh7nt9ykcbze9023qtvtxj9e060q5gdhkv8aa3198em8cbxnsgv4j0n31p582daa2tytteh490gd96ezgmfbmes4xa0t7qkrhrkfwrc9t6p80z19dkcxp8d60h9kdssk0ngg3zw8hztmh7k0zcvhaz768bd17e1jexvx3sdv54q18g6ec87fzd9cdd182tb642s59868633bm8wqaj1cksa969gfgg3jm20qhhf7bweja4497v3vvc3egjmvmxtvfmcsdmdf3fj2swz64tkz88pnhexr4n44bfr4s4b0e60kvwcp0jhqbdw86ey6jp29b0atbyyh8q107wm2apm7p0b0cgqebmeher6tsvzgjsb7yfkan1n7yqkw9qxve&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKlsXpo2cZb6MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0JrNHWABItPN-wmKp0sjgVs4Y2iFXwya43DSK2NwRFJj70TllDapgqsRTQfUM0Oc6m4AeKCC783S-GHblV_71SwqYjlQ00ATw6wmwqMAS0TSgcy0pD98-cn80OBe22mcuMcJSRO5y3RZ6IhDobLsoBs5-_cdlZMfLJLzymzWdRbI5oR0DUh3AIaSI1n4kiTn8sRj05DBeqt_4T9xGmWVZJsLUewZhletNrcQ8W2cGhPDlLtpdlGld6NRgKQZfxghlxNyriqZqW4lRhAPOWsj8-I3PNqj4xMbVDlvxa4aGMmT5D_4AXTSUI6gUQqjdP_ULGUpr0ynsVzZaxCauY6RVqK8nKJYkC6USJmAUL1EOBv0KK17EaAbTJhRC2CczTY-dAWTUVJQL43_hGd4bmBJY_4HGByXx24lYdzMSuACtF2q4AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3eedg4HPgwMVKDpVCB3cgwB50BUBgBcB%26num%3D1%26sig%3DAOD64_2FGGt69vZhY-aSs-IfNwungNBNSQ%26client%3Dca-pub-6120805917655100%26adurl%3D

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb1dcc6fe4c18e8e77ba87832e73084f94d8239d485a232093be12b51e8e5a82

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84286cf5bcde9b1f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 00:04:55 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame 65D2 3 KB
1 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:46:25 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D05B 1 KB
677 B 25ms
23ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 09 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame 65D2 20 KB
8 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:46:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 65D2 0
0 34ms
33ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQjSgJXiF7v2fBTHjIzK4C5wzc3EWQPEaKcz9-Da0tydIGr3ZnWUaiL1fL8O_ZUqLvLq1QSAS7903EXJTGRO8uDvkGAWw
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 65D2 24 KB
6 KB 30ms
27ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:17:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 308831
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Jan 2025 10:17:44 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 65D2 205 KB
65 KB 114ms
111ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jan 2024 00:04:55 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 3595 115 KB
14 KB 39ms
38ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C22451&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=300&d=250&e=&g=3e2445f27605b758fa02d6fb44e6a8d9%2F11117739943320941839&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695216&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7rz37kenrq7ky69x04kfrp79kngzzdk3v480gnngwe1426vtvh4yx9raew81fh003sz09zbwcwj6zbsfyvxxvszzrxh9hbzckp6s3argg3gvnq0ev19zpkcpkz1x2qc7pgbezngxad8eygqa6vxccf63xbyhtvemqh3y12ehrcywe61m19nf7b4a04xmw8sb2nye7my8172b0tf7fn107ha2wrj0sc6a3hb461gyc6fnxd9aacb76tkn0sn91jxdz8428gskkhvtmmpagdmmw3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCajKRpo2cZb2MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0PZFdyzoi1ev7Bcv6nImIChwq8aCl_TLKSV23xK4yiKqi8UuiyA75zyU7r9slQTVPtyvYMVBv1_-1cvbOMbjV6OwSTXFeeHh8xKhbEns0crUjEdfUtrQu8selYWXN9Y14H1b3e9kferepHdUCRumLiE52dCvq63ehChHRdgQC8OtHA9oRXsd9LTULeQx3cHFvszKKVyidxjINifygx9_-iVAiopK-iofgWXtUesk_otIZb7Ds0i_w0WZvFMPfNEBk6oWz0_ej_v3QjZ6gh-gd0Z6JZfyylFD6DB6UX5jENVnxKzbwGeYtvPMuifrnaCTkMskcASYRyCZaQQGGj5X2y0Tc5sRV8E0isFDQZYTo_DYMqcFwthjrCBH1WQuRCtd_spw1jNR1eg863_HTU7pXZosxuYRUB-nbvTWkpECmqem4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3Oedg4HPgwMVKDpVCB3cgwB50BUBgBcB%2526num%253D1%2526sig%253DAOD64_3COeXIcSXmgR8V1yFe-VG0Uje8_g%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C22451&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=300&d=250&e=&g=3e2445f27605b758fa02d6fb44e6a8d9%2F11117739943320941839&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695216&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7rz37kenrq7ky69x04kfrp79kngzzdk3v480gnngwe1426vtvh4yx9raew81fh003sz09zbwcwj6zbsfyvxxvszzrxh9hbzckp6s3argg3gvnq0ev19zpkcpkz1x2qc7pgbezngxad8eygqa6vxccf63xbyhtvemqh3y12ehrcywe61m19nf7b4a04xmw8sb2nye7my8172b0tf7fn107ha2wrj0sc6a3hb461gyc6fnxd9aacb76tkn0sn91jxdz8428gskkhvtmmpagdmmw3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCajKRpo2cZb2MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0PZFdyzoi1ev7Bcv6nImIChwq8aCl_TLKSV23xK4yiKqi8UuiyA75zyU7r9slQTVPtyvYMVBv1_-1cvbOMbjV6OwSTXFeeHh8xKhbEns0crUjEdfUtrQu8selYWXN9Y14H1b3e9kferepHdUCRumLiE52dCvq63ehChHRdgQC8OtHA9oRXsd9LTULeQx3cHFvszKKVyidxjINifygx9_-iVAiopK-iofgWXtUesk_otIZb7Ds0i_w0WZvFMPfNEBk6oWz0_ej_v3QjZ6gh-gd0Z6JZfyylFD6DB6UX5jENVnxKzbwGeYtvPMuifrnaCTkMskcASYRyCZaQQGGj5X2y0Tc5sRV8E0isFDQZYTo_DYMqcFwthjrCBH1WQuRCtd_spw1jNR1eg863_HTU7pXZosxuYRUB-nbvTWkpECmqem4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3Oedg4HPgwMVKDpVCB3cgwB50BUBgBcB%2526num%253D1%2526sig%253DAOD64_3COeXIcSXmgR8V1yFe-VG0Uje8_g%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2326514
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IfRI6Z6Pv7btA5rWmIIxTgs11SZKnKpSafM5N1lGxQ50O8XZt8iCCUOuC8T36YfNDKQvlFMWAyP8PSagWDR%2FL1711FAeZJOh%2BxnB0JH19Hohzlw3Kb4Ks2gjV%2FBbslCwEsghnhU%2F%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 84286cf5bcdf9b1f-FRA
expires: Wed, 10 Jan 2024 00:04:55 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 3595 9 KB
9 KB 76ms
75ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C22451&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=300&d=250&e=&g=3e2445f27605b758fa02d6fb44e6a8d9%2F11117739943320941839&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695216&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7rz37kenrq7ky69x04kfrp79kngzzdk3v480gnngwe1426vtvh4yx9raew81fh003sz09zbwcwj6zbsfyvxxvszzrxh9hbzckp6s3argg3gvnq0ev19zpkcpkz1x2qc7pgbezngxad8eygqa6vxccf63xbyhtvemqh3y12ehrcywe61m19nf7b4a04xmw8sb2nye7my8172b0tf7fn107ha2wrj0sc6a3hb461gyc6fnxd9aacb76tkn0sn91jxdz8428gskkhvtmmpagdmmw3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCajKRpo2cZb2MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0PZFdyzoi1ev7Bcv6nImIChwq8aCl_TLKSV23xK4yiKqi8UuiyA75zyU7r9slQTVPtyvYMVBv1_-1cvbOMbjV6OwSTXFeeHh8xKhbEns0crUjEdfUtrQu8selYWXN9Y14H1b3e9kferepHdUCRumLiE52dCvq63ehChHRdgQC8OtHA9oRXsd9LTULeQx3cHFvszKKVyidxjINifygx9_-iVAiopK-iofgWXtUesk_otIZb7Ds0i_w0WZvFMPfNEBk6oWz0_ej_v3QjZ6gh-gd0Z6JZfyylFD6DB6UX5jENVnxKzbwGeYtvPMuifrnaCTkMskcASYRyCZaQQGGj5X2y0Tc5sRV8E0isFDQZYTo_DYMqcFwthjrCBH1WQuRCtd_spw1jNR1eg863_HTU7pXZosxuYRUB-nbvTWkpECmqem4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3Oedg4HPgwMVKDpVCB3cgwB50BUBgBcB%2526num%253D1%2526sig%253DAOD64_3COeXIcSXmgR8V1yFe-VG0Uje8_g%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3357090
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjuqrQn8Llmj2L0CnrzspK3sb4TLQAlS2%2BSHjgReJBghX0yVDC4qjbFBHqfAtmWrOwHt5yOeSTBiO6oy0lpyLlWTx4Hh3HRKH4G0g0%2BOCUbOw2xHC8BJgqCzkXAcWKxzDfR7BWjWIwZ7zk70"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84286cf5bcf41d8a-FRA

GET
H2 200 2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
assets.ad4m.at/ Frame 3595 32 KB
33 KB 39ms
37ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C22451&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=300&d=250&e=&g=3e2445f27605b758fa02d6fb44e6a8d9%2F11117739943320941839&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695216&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7rz37kenrq7ky69x04kfrp79kngzzdk3v480gnngwe1426vtvh4yx9raew81fh003sz09zbwcwj6zbsfyvxxvszzrxh9hbzckp6s3argg3gvnq0ev19zpkcpkz1x2qc7pgbezngxad8eygqa6vxccf63xbyhtvemqh3y12ehrcywe61m19nf7b4a04xmw8sb2nye7my8172b0tf7fn107ha2wrj0sc6a3hb461gyc6fnxd9aacb76tkn0sn91jxdz8428gskkhvtmmpagdmmw3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCajKRpo2cZb2MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0PZFdyzoi1ev7Bcv6nImIChwq8aCl_TLKSV23xK4yiKqi8UuiyA75zyU7r9slQTVPtyvYMVBv1_-1cvbOMbjV6OwSTXFeeHh8xKhbEns0crUjEdfUtrQu8selYWXN9Y14H1b3e9kferepHdUCRumLiE52dCvq63ehChHRdgQC8OtHA9oRXsd9LTULeQx3cHFvszKKVyidxjINifygx9_-iVAiopK-iofgWXtUesk_otIZb7Ds0i_w0WZvFMPfNEBk6oWz0_ej_v3QjZ6gh-gd0Z6JZfyylFD6DB6UX5jENVnxKzbwGeYtvPMuifrnaCTkMskcASYRyCZaQQGGj5X2y0Tc5sRV8E0isFDQZYTo_DYMqcFwthjrCBH1WQuRCtd_spw1jNR1eg863_HTU7pXZosxuYRUB-nbvTWkpECmqem4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3Oedg4HPgwMVKDpVCB3cgwB50BUBgBcB%2526num%253D1%2526sig%253DAOD64_3COeXIcSXmgR8V1yFe-VG0Uje8_g%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4991216
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 33043
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:07:19 GMT
server: cloudflare
etag: "4248eb804269666620fb86952a326d7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BuXSTFHnKGNLAKbt8%2FufQxCgmEH7KdXtOLXcV2MY%2BwbXmxKVidNBAJA0ASmKdYqOosWxdhYWCkGJ%2BLic%2FsYIQNpndajZFjx%2Fhwwi1d%2B0l%2FANJAi1Y9QuJBQnxcCHAjD2WGbRvDdjEw1BylDU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84286cf5bcec1d8a-FRA

GET
H2 200 2aed39855b5f46b7651ba591340f258c
pv.medialead.de/trck/epv/ Frame 3595 0
327 B 137ms
45ms Image
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C22451&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=300&d=250&e=&g=3e2445f27605b758fa02d6fb44e6a8d9%2F11117739943320941839&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695216&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7rz37kenrq7ky69x04kfrp79kngzzdk3v480gnngwe1426vtvh4yx9raew81fh003sz09zbwcwj6zbsfyvxxvszzrxh9hbzckp6s3argg3gvnq0ev19zpkcpkz1x2qc7pgbezngxad8eygqa6vxccf63xbyhtvemqh3y12ehrcywe61m19nf7b4a04xmw8sb2nye7my8172b0tf7fn107ha2wrj0sc6a3hb461gyc6fnxd9aacb76tkn0sn91jxdz8428gskkhvtmmpagdmmw3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCajKRpo2cZb2MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0PZFdyzoi1ev7Bcv6nImIChwq8aCl_TLKSV23xK4yiKqi8UuiyA75zyU7r9slQTVPtyvYMVBv1_-1cvbOMbjV6OwSTXFeeHh8xKhbEns0crUjEdfUtrQu8selYWXN9Y14H1b3e9kferepHdUCRumLiE52dCvq63ehChHRdgQC8OtHA9oRXsd9LTULeQx3cHFvszKKVyidxjINifygx9_-iVAiopK-iofgWXtUesk_otIZb7Ds0i_w0WZvFMPfNEBk6oWz0_ej_v3QjZ6gh-gd0Z6JZfyylFD6DB6UX5jENVnxKzbwGeYtvPMuifrnaCTkMskcASYRyCZaQQGGj5X2y0Tc5sRV8E0isFDQZYTo_DYMqcFwthjrCBH1WQuRCtd_spw1jNR1eg863_HTU7pXZosxuYRUB-nbvTWkpECmqem4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3Oedg4HPgwMVKDpVCB3cgwB50BUBgBcB%2526num%253D1%2526sig%253DAOD64_3COeXIcSXmgR8V1yFe-VG0Uje8_g%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
attribution-reporting-register-source: {"source_event_id":"17200573720103333","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 3595 2 KB
2 KB 78ms
77ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C22451&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=300&d=250&e=&g=3e2445f27605b758fa02d6fb44e6a8d9%2F11117739943320941839&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695216&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7rz37kenrq7ky69x04kfrp79kngzzdk3v480gnngwe1426vtvh4yx9raew81fh003sz09zbwcwj6zbsfyvxxvszzrxh9hbzckp6s3argg3gvnq0ev19zpkcpkz1x2qc7pgbezngxad8eygqa6vxccf63xbyhtvemqh3y12ehrcywe61m19nf7b4a04xmw8sb2nye7my8172b0tf7fn107ha2wrj0sc6a3hb461gyc6fnxd9aacb76tkn0sn91jxdz8428gskkhvtmmpagdmmw3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCajKRpo2cZb2MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0PZFdyzoi1ev7Bcv6nImIChwq8aCl_TLKSV23xK4yiKqi8UuiyA75zyU7r9slQTVPtyvYMVBv1_-1cvbOMbjV6OwSTXFeeHh8xKhbEns0crUjEdfUtrQu8selYWXN9Y14H1b3e9kferepHdUCRumLiE52dCvq63ehChHRdgQC8OtHA9oRXsd9LTULeQx3cHFvszKKVyidxjINifygx9_-iVAiopK-iofgWXtUesk_otIZb7Ds0i_w0WZvFMPfNEBk6oWz0_ej_v3QjZ6gh-gd0Z6JZfyylFD6DB6UX5jENVnxKzbwGeYtvPMuifrnaCTkMskcASYRyCZaQQGGj5X2y0Tc5sRV8E0isFDQZYTo_DYMqcFwthjrCBH1WQuRCtd_spw1jNR1eg863_HTU7pXZosxuYRUB-nbvTWkpECmqem4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3Oedg4HPgwMVKDpVCB3cgwB50BUBgBcB%2526num%253D1%2526sig%253DAOD64_3COeXIcSXmgR8V1yFe-VG0Uje8_g%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 281955
cf-polished: origFmt=png, origSize=2170
alt-svc: h3=":443"; ma=86400
content-length: 1662
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Nov 2023 08:38:25 GMT
server: cloudflare
etag: "4721aa7c2d5fa652c8092463f9a485bd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZ8Arh5YzWT4mwE6jNjaqHoR338JMaCPfwh10Aj6aRuSVN9bEPzVpCuv2Cp7bdEsteBkgIzZj6KRa6hhBrZPbfTWcZi%2BYUpn6Qvlg7Zv54i3rQd4h1UCZXjctxz8nysJE4Oq4PMJgAK0I7Jy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84286cf5bcee1d8a-FRA

GET
H2 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 3595 23 KB
23 KB 78ms
77ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C22451&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=300&d=250&e=&g=3e2445f27605b758fa02d6fb44e6a8d9%2F11117739943320941839&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695216&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7rz37kenrq7ky69x04kfrp79kngzzdk3v480gnngwe1426vtvh4yx9raew81fh003sz09zbwcwj6zbsfyvxxvszzrxh9hbzckp6s3argg3gvnq0ev19zpkcpkz1x2qc7pgbezngxad8eygqa6vxccf63xbyhtvemqh3y12ehrcywe61m19nf7b4a04xmw8sb2nye7my8172b0tf7fn107ha2wrj0sc6a3hb461gyc6fnxd9aacb76tkn0sn91jxdz8428gskkhvtmmpagdmmw3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCajKRpo2cZb2MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0PZFdyzoi1ev7Bcv6nImIChwq8aCl_TLKSV23xK4yiKqi8UuiyA75zyU7r9slQTVPtyvYMVBv1_-1cvbOMbjV6OwSTXFeeHh8xKhbEns0crUjEdfUtrQu8selYWXN9Y14H1b3e9kferepHdUCRumLiE52dCvq63ehChHRdgQC8OtHA9oRXsd9LTULeQx3cHFvszKKVyidxjINifygx9_-iVAiopK-iofgWXtUesk_otIZb7Ds0i_w0WZvFMPfNEBk6oWz0_ej_v3QjZ6gh-gd0Z6JZfyylFD6DB6UX5jENVnxKzbwGeYtvPMuifrnaCTkMskcASYRyCZaQQGGj5X2y0Tc5sRV8E0isFDQZYTo_DYMqcFwthjrCBH1WQuRCtd_spw1jNR1eg863_HTU7pXZosxuYRUB-nbvTWkpECmqem4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3Oedg4HPgwMVKDpVCB3cgwB50BUBgBcB%2526num%253D1%2526sig%253DAOD64_3COeXIcSXmgR8V1yFe-VG0Uje8_g%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4985161
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 23392
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:08:23 GMT
server: cloudflare
etag: "faa9f958d13ef03f911b71f117846705"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xARQp0bGI9AQVQs%2BPf%2BRTsM3GwHLJIP7ejUjlZoEYrCI9h17XPtfWF0UlakdJXJbUOOPMm0qPBiVqUl50SgjY0i5%2FuCUowIjOee5YE8%2B0%2FPL0RDVNTbGA%2Bb76lJNFox9wzdFqviQTobMqGk4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84286cf5bcef1d8a-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 3595 43 B
704 B 152ms
72ms Image
image/gif 23.199.221.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C22451&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=300&d=250&e=&g=3e2445f27605b758fa02d6fb44e6a8d9%2F11117739943320941839&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695216&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7rz37kenrq7ky69x04kfrp79kngzzdk3v480gnngwe1426vtvh4yx9raew81fh003sz09zbwcwj6zbsfyvxxvszzrxh9hbzckp6s3argg3gvnq0ev19zpkcpkz1x2qc7pgbezngxad8eygqa6vxccf63xbyhtvemqh3y12ehrcywe61m19nf7b4a04xmw8sb2nye7my8172b0tf7fn107ha2wrj0sc6a3hb461gyc6fnxd9aacb76tkn0sn91jxdz8428gskkhvtmmpagdmmw3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCajKRpo2cZb2MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0PZFdyzoi1ev7Bcv6nImIChwq8aCl_TLKSV23xK4yiKqi8UuiyA75zyU7r9slQTVPtyvYMVBv1_-1cvbOMbjV6OwSTXFeeHh8xKhbEns0crUjEdfUtrQu8selYWXN9Y14H1b3e9kferepHdUCRumLiE52dCvq63ehChHRdgQC8OtHA9oRXsd9LTULeQx3cHFvszKKVyidxjINifygx9_-iVAiopK-iofgWXtUesk_otIZb7Ds0i_w0WZvFMPfNEBk6oWz0_ej_v3QjZ6gh-gd0Z6JZfyylFD6DB6UX5jENVnxKzbwGeYtvPMuifrnaCTkMskcASYRyCZaQQGGj5X2y0Tc5sRV8E0isFDQZYTo_DYMqcFwthjrCBH1WQuRCtd_spw1jNR1eg863_HTU7pXZosxuYRUB-nbvTWkpECmqem4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3Oedg4HPgwMVKDpVCB3cgwB50BUBgBcB%2526num%253D1%2526sig%253DAOD64_3COeXIcSXmgR8V1yFe-VG0Uje8_g%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.199.221.167 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-221-167.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 00:04:55 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
assets.ad4m.at/logo/ Frame 3595 9 KB
10 KB 40ms
40ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C22451&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=300&d=250&e=&g=3e2445f27605b758fa02d6fb44e6a8d9%2F11117739943320941839&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695216&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7rz37kenrq7ky69x04kfrp79kngzzdk3v480gnngwe1426vtvh4yx9raew81fh003sz09zbwcwj6zbsfyvxxvszzrxh9hbzckp6s3argg3gvnq0ev19zpkcpkz1x2qc7pgbezngxad8eygqa6vxccf63xbyhtvemqh3y12ehrcywe61m19nf7b4a04xmw8sb2nye7my8172b0tf7fn107ha2wrj0sc6a3hb461gyc6fnxd9aacb76tkn0sn91jxdz8428gskkhvtmmpagdmmw3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCajKRpo2cZb2MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0PZFdyzoi1ev7Bcv6nImIChwq8aCl_TLKSV23xK4yiKqi8UuiyA75zyU7r9slQTVPtyvYMVBv1_-1cvbOMbjV6OwSTXFeeHh8xKhbEns0crUjEdfUtrQu8selYWXN9Y14H1b3e9kferepHdUCRumLiE52dCvq63ehChHRdgQC8OtHA9oRXsd9LTULeQx3cHFvszKKVyidxjINifygx9_-iVAiopK-iofgWXtUesk_otIZb7Ds0i_w0WZvFMPfNEBk6oWz0_ej_v3QjZ6gh-gd0Z6JZfyylFD6DB6UX5jENVnxKzbwGeYtvPMuifrnaCTkMskcASYRyCZaQQGGj5X2y0Tc5sRV8E0isFDQZYTo_DYMqcFwthjrCBH1WQuRCtd_spw1jNR1eg863_HTU7pXZosxuYRUB-nbvTWkpECmqem4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3Oedg4HPgwMVKDpVCB3cgwB50BUBgBcB%2526num%253D1%2526sig%253DAOD64_3COeXIcSXmgR8V1yFe-VG0Uje8_g%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 279282
cf-polished: qual=85, origFmt=jpeg, origSize=13332
alt-svc: h3=":443"; ma=86400
content-length: 9604
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 17:02:02 GMT
server: cloudflare
etag: "23e86ef8ba51d351917574e3e8d33ca5"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=epLL4M7rhk5deWcvWEwvi3MdYZ4IGMDEKQN60DyNYwJtLUbJxCS%2BzCjfUOXZ6SmCpANb7lHOeAmKaBBurzOi%2BgFfsTTwtTx2ThnafKt5dN3V5j3ctRv5EKOMueJT%2BQnhnIP%2B%2FxO9Ew2mDif3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84286cf5bcf11d8a-FRA

GET
H2 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 3595 26 KB
27 KB 41ms
41ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C22451&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=300&d=250&e=&g=3e2445f27605b758fa02d6fb44e6a8d9%2F11117739943320941839&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695216&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7rz37kenrq7ky69x04kfrp79kngzzdk3v480gnngwe1426vtvh4yx9raew81fh003sz09zbwcwj6zbsfyvxxvszzrxh9hbzckp6s3argg3gvnq0ev19zpkcpkz1x2qc7pgbezngxad8eygqa6vxccf63xbyhtvemqh3y12ehrcywe61m19nf7b4a04xmw8sb2nye7my8172b0tf7fn107ha2wrj0sc6a3hb461gyc6fnxd9aacb76tkn0sn91jxdz8428gskkhvtmmpagdmmw3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCajKRpo2cZb2MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0PZFdyzoi1ev7Bcv6nImIChwq8aCl_TLKSV23xK4yiKqi8UuiyA75zyU7r9slQTVPtyvYMVBv1_-1cvbOMbjV6OwSTXFeeHh8xKhbEns0crUjEdfUtrQu8selYWXN9Y14H1b3e9kferepHdUCRumLiE52dCvq63ehChHRdgQC8OtHA9oRXsd9LTULeQx3cHFvszKKVyidxjINifygx9_-iVAiopK-iofgWXtUesk_otIZb7Ds0i_w0WZvFMPfNEBk6oWz0_ej_v3QjZ6gh-gd0Z6JZfyylFD6DB6UX5jENVnxKzbwGeYtvPMuifrnaCTkMskcASYRyCZaQQGGj5X2y0Tc5sRV8E0isFDQZYTo_DYMqcFwthjrCBH1WQuRCtd_spw1jNR1eg863_HTU7pXZosxuYRUB-nbvTWkpECmqem4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3Oedg4HPgwMVKDpVCB3cgwB50BUBgBcB%2526num%253D1%2526sig%253DAOD64_3COeXIcSXmgR8V1yFe-VG0Uje8_g%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db2e4e6461e2031165b8e5e9c11a58bdc3eb90876cb1bf9a660a96220ff103ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 273452
cf-polished: qual=85, origFmt=jpeg, origSize=27208
alt-svc: h3=":443"; ma=86400
content-length: 27004
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 15:25:13 GMT
server: cloudflare
etag: "b0768a8c228032955d69e4578a6f208e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQYpoAeglhW2Chz2VUBHlS2DKD%2FPlbisuOxHXfTexv4KrWOvoaFtonV2VeDo3S8tbYBTkT9BWHMcLpgoaR3MSNE4IG4s4T3vfN31JQveulLz%2BzGk9FqpmDkcUkvC5Akrke%2BbsMyO3RDQz1dp"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84286cf5bcf21d8a-FRA

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 3595
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CPie34OBz4MDFWrzEQgdgAYFOA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1704758695_b83ed0d0-ae82-11ee-86b5-22356fe9f584

0
549 B

116ms
14ms

Image
text/plain

87.118.116.9
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1704758695_b83ed0d0-ae82-11ee-86b5-22356fe9f584
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C22451&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=300&d=250&e=&g=3e2445f27605b758fa02d6fb44e6a8d9%2F11117739943320941839&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695216&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7rz37kenrq7ky69x04kfrp79kngzzdk3v480gnngwe1426vtvh4yx9raew81fh003sz09zbwcwj6zbsfyvxxvszzrxh9hbzckp6s3argg3gvnq0ev19zpkcpkz1x2qc7pgbezngxad8eygqa6vxccf63xbyhtvemqh3y12ehrcywe61m19nf7b4a04xmw8sb2nye7my8172b0tf7fn107ha2wrj0sc6a3hb461gyc6fnxd9aacb76tkn0sn91jxdz8428gskkhvtmmpagdmmw3%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCajKRpo2cZb2MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0PZFdyzoi1ev7Bcv6nImIChwq8aCl_TLKSV23xK4yiKqi8UuiyA75zyU7r9slQTVPtyvYMVBv1_-1cvbOMbjV6OwSTXFeeHh8xKhbEns0crUjEdfUtrQu8selYWXN9Y14H1b3e9kferepHdUCRumLiE52dCvq63ehChHRdgQC8OtHA9oRXsd9LTULeQx3cHFvszKKVyidxjINifygx9_-iVAiopK-iofgWXtUesk_otIZb7Ds0i_w0WZvFMPfNEBk6oWz0_ej_v3QjZ6gh-gd0Z6JZfyylFD6DB6UX5jENVnxKzbwGeYtvPMuifrnaCTkMskcASYRyCZaQQGGj5X2y0Tc5sRV8E0isFDQZYTo_DYMqcFwthjrCBH1WQuRCtd_spw1jNR1eg863_HTU7pXZosxuYRUB-nbvTWkpECmqem4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3Oedg4HPgwMVKDpVCB3cgwB50BUBgBcB%2526num%253D1%2526sig%253DAOD64_3COeXIcSXmgR8V1yFe-VG0Uje8_g%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: km36617.keymachine.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 00:04:55 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Tue, 09 Jan 2024 00:04:55 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1704758695_b83ed0d0-ae82-11ee-86b5-22356fe9f584
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5FE3
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGerr3RoK0Zs8bfe-Jl88JU&google_cver=1&google_push=AXcoOmTB8K98jtxplxojXbCmG2QI4Rl3vUecTpJCvgtzQToXMO7KDXaQnBAQUeJH_apEuEmshM-VdNmeaAzq5f...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyMTg4Mjg0MjYwNjA3Mzk5OA%3D%3D&google_push=AXcoOmTB8K98jtxplxojXbCmG2QI4Rl3vUecTpJCvgtzQToXMO7KDXaQnBAQUeJH_apEuEmshM-VdNmeaAzq5fIlCZ...

170 B
188 B

32ms
32ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyMTg4Mjg0MjYwNjA3Mzk5OA%3D%3D&google_push=AXcoOmTB8K98jtxplxojXbCmG2QI4Rl3vUecTpJCvgtzQToXMO7KDXaQnBAQUeJH_apEuEmshM-VdNmeaAzq5fIlCZc2mv6Baz0

Requested by

Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 00:04:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyMTg4Mjg0MjYwNjA3Mzk5OA%3D%3D&google_push=AXcoOmTB8K98jtxplxojXbCmG2QI4Rl3vUecTpJCvgtzQToXMO7KDXaQnBAQUeJH_apEuEmshM-VdNmeaAzq5fIlCZc2mv6Baz0
Date: Tue, 09 Jan 2024 00:04:55 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5FE3
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDsixLL0PsrWilZiSpceeD4&google_cver=1&google_push=AXcoOmSFWMRmlubN2WDSUYRBGZaOOv2D6sdYvnWjcV2ldPdvyn9pEqzLfZQLOpmDmQXwC0wo6eg_9RoIcEHrglOp...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ws-tiNz2TwgpmmyPlwVGoA&google_push=AXcoOmSFWMRmlubN2WDSUYRBGZaOOv2D6sdYvnWjcV2ldPdvyn9pEqzLfZQLOpmDmQXwC0wo6eg_9RoIcEHrglOp51XG4AtHsrc

170 B
188 B

30ms
30ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ws-tiNz2TwgpmmyPlwVGoA&google_push=AXcoOmSFWMRmlubN2WDSUYRBGZaOOv2D6sdYvnWjcV2ldPdvyn9pEqzLfZQLOpmDmQXwC0wo6eg_9RoIcEHrglOp51XG4AtHsrc

Requested by

Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 00:04:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 09 Jan 2024 00:04:55 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ws-tiNz2TwgpmmyPlwVGoA&google_push=AXcoOmSFWMRmlubN2WDSUYRBGZaOOv2D6sdYvnWjcV2ldPdvyn9pEqzLfZQLOpmDmQXwC0wo6eg_9RoIcEHrglOp51XG4AtHsrc
x-host: tde-deliveryengine-production-5db7bf8975-7fcd9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5FE3
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFmRDgmAVTHvMIfIt2OLj6M&google_cver=1&google_push=AXcoOmTayVH1GR8Qm6ldG5JeSekVxgrYG_4IBS-y9P1i_7VuLstbg6QbUIJWGPHWtwbqe_xr9SCu4nuIOtzeJoUaCtiwGNN...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTayVH1GR8Qm6ldG5JeSekVxgrYG_4IBS-y9P1i_7VuLstbg6QbUIJWGPHWtwbqe_xr9SCu4nuIOtzeJoUaCtiwGNNKSIA&google_hm=eS1uMzNVUVFORTJwSHg1b19...

170 B
188 B

32ms
32ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTayVH1GR8Qm6ldG5JeSekVxgrYG_4IBS-y9P1i_7VuLstbg6QbUIJWGPHWtwbqe_xr9SCu4nuIOtzeJoUaCtiwGNNKSIA&google_hm=eS1uMzNVUVFORTJwSHg1b19mQWRuWlZyVTRlSW16cXBZTH5B

Requested by

Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 00:04:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 09 Jan 2024 00:04:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTayVH1GR8Qm6ldG5JeSekVxgrYG_4IBS-y9P1i_7VuLstbg6QbUIJWGPHWtwbqe_xr9SCu4nuIOtzeJoUaCtiwGNNKSIA&google_hm=eS1uMzNVUVFORTJwSHg1b19mQWRuWlZyVTRlSW16cXBZTH5B
content-length: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 5FE3 0
41 B 37ms
35ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELY8q-cmFL1pb3ZUQstnlYI&google_cver=1&google_push=AXcoOmSbOScMvuLDWFkgqm2JTwg5ANZz-B-qUe-32VV1T_ZhstuBaOqlu0zCg5CHNyIr86g73dKHq5iPWJeSWj1mmxC0dJRvy40
Requested by: Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 09 Jan 2024 00:04:55 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5FE3
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQFPJFtJvekDK8XomKQuHhkF0vk-ldFoXGu3AhoPiJcnn28VtisQMa1q2mRnD-GXds5qSyXTbjJyabljDdzE1_N4kPtGg&redir=https%3A%2F%2Fcm.g.doublec...
https://sync.targeting.unrulymedia.com/csync/RX-75528251-5580-4c5c-ad72-008d2bfc7d89-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQFPJFtJvekDK8XomKQu...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQFPJFtJvekDK8XomKQuHhkF0vk-ldFoXGu3AhoPiJcnn28VtisQMa1q2mRnD-GXds5qSyXTbjJyabljDdzE1_N4kPtGg&google_hm=A3VSglFVgExcrXIAjSv8fYk

170 B
188 B

25ms
25ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQFPJFtJvekDK8XomKQuHhkF0vk-ldFoXGu3AhoPiJcnn28VtisQMa1q2mRnD-GXds5qSyXTbjJyabljDdzE1_N4kPtGg&google_hm=A3VSglFVgExcrXIAjSv8fYk

Requested by

Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 00:04:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQFPJFtJvekDK8XomKQuHhkF0vk-ldFoXGu3AhoPiJcnn28VtisQMa1q2mRnD-GXds5qSyXTbjJyabljDdzE1_N4kPtGg&google_hm=A3VSglFVgExcrXIAjSv8fYk
date: Tue, 09 Jan 2024 00:04:55 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX7552825155804c5cad72008d2bfc7d89003
content-type: text/html

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5FE3
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEM9njP6IbWCzscfi9rtWWdY&google_cver=1&google_push=AXcoOmTib0fZ7eLDjJefOIY5FzHVicmg57coUhKTqC64nITK2FZx84yyr5v0XvpgttCJ4Ws62OIZJZOmMfzC6jElIXrF5crh7A
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzA1MjM4OTkzMjU2NDA4MjA2NDI2MQ%3D%3D&google_push=AXcoOmTib0fZ7eLDjJefOIY5FzHVicmg57coUhKTqC64nITK2FZx84yy...

170 B
232 B

49ms
49ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzA1MjM4OTkzMjU2NDA4MjA2NDI2MQ%3D%3D&google_push=AXcoOmTib0fZ7eLDjJefOIY5FzHVicmg57coUhKTqC64nITK2FZx84yyr5v0XvpgttCJ4Ws62OIZJZOmMfzC6jElIXrF5crh7A

Requested by

Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 00:04:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzA1MjM4OTkzMjU2NDA4MjA2NDI2MQ%3D%3D&google_push=AXcoOmTib0fZ7eLDjJefOIY5FzHVicmg57coUhKTqC64nITK2FZx84yyr5v0XvpgttCJ4Ws62OIZJZOmMfzC6jElIXrF5crh7A
date: Tue, 09 Jan 2024 00:04:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 5FE3 43 B
146 B 106ms
36ms Image
image/gif 35.157.107.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMEzF5CdzviHpH5rQlxLydc&google_cver=1&google_push=AXcoOmTTliog9cw0dt8cZAvtjXh-uIjzOlhGT51fdg1v9JX7tNykbUj826Y5_npDg6qrpEwoRfe-htM_RmZ2gaIYc9WWc1WI8Ica
Requested by: Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.107.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-107-95.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5FE3 0
40 B 45ms
43ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2pXdYz2Nobo3Oc4IPtar46L-NYlof-DQ7qjlc1X0auYm8ICZ3aHp-x4epZr2YpmOx87x5HQ

Requested by

Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D05B
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMbjZbmNPSx9K7rAW1C3HIs&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMbjZbmNPSx9K7rAW1C3HIs&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bUR1dHZQbTkxUm1aQlo1&google_gid=CAESEMbjZbmNPSx9K7rAW1C3HIs&google_cver=1&google_push=AXcoOmSABG0JunnzuK5nrzjQwzbmnfGi-fmhR7PHqD3nJ2L...

170 B
188 B

32ms
32ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bUR1dHZQbTkxUm1aQlo1&google_gid=CAESEMbjZbmNPSx9K7rAW1C3HIs&google_cver=1&google_push=AXcoOmSABG0JunnzuK5nrzjQwzbmnfGi-fmhR7PHqD3nJ2LZ2qy-2yvNUGan_ZbaSr9csUuimArANOZrer72W_sgbV6MeSku2fjP

Requested by

Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 00:04:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 00:04:54 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bUR1dHZQbTkxUm1aQlo1&google_gid=CAESEMbjZbmNPSx9K7rAW1C3HIs&google_cver=1&google_push=AXcoOmSABG0JunnzuK5nrzjQwzbmnfGi-fmhR7PHqD3nJ2LZ2qy-2yvNUGan_ZbaSr9csUuimArANOZrer72W_sgbV6MeSku2fjP
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D05B
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJO-VRnDyHo8zSu6Kbo2ZGg&google_cver=1&google_push=AXcoOmQ01knE5tUwUYNTOYOZZlYz7pklFtPbYwBl82DSzW9RPJU_4yc9zt4WK5mXxF03OV8PirIVzJwJDcCs5IMeV5tAhyzD0lc-
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F9D91BD4AC174CAB98BE824B1E6736E2&google_push=AXcoOmQ01knE5tUwUYNTOYOZZlYz7pklFtPbYwBl82DSzW9RPJU_4yc9zt4WK5mXxF03OV8PirIVzJwJDcCs5IM...

170 B
232 B

48ms
48ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F9D91BD4AC174CAB98BE824B1E6736E2&google_push=AXcoOmQ01knE5tUwUYNTOYOZZlYz7pklFtPbYwBl82DSzW9RPJU_4yc9zt4WK5mXxF03OV8PirIVzJwJDcCs5IMeV5tAhyzD0lc-

Requested by

Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 00:04:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 09 Jan 2024 00:04:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F9D91BD4AC174CAB98BE824B1E6736E2&google_push=AXcoOmQ01knE5tUwUYNTOYOZZlYz7pklFtPbYwBl82DSzW9RPJU_4yc9zt4WK5mXxF03OV8PirIVzJwJDcCs5IMeV5tAhyzD0lc-
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 00:04:55 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D05B
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFmRDgmAVTHvMIfIt2OLj6M&google_cver=1&google_push=AXcoOmQbgHUEyb0APLHdjSOqmH0F5et2MwIHXBpPhRS3mEGcfOlxaeV0vGYwYyx16r__j0i77nzegS4CCQe5NsNqCcq4nLI...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQbgHUEyb0APLHdjSOqmH0F5et2MwIHXBpPhRS3mEGcfOlxaeV0vGYwYyx16r__j0i77nzegS4CCQe5NsNqCcq4nLI7DqKB&google_hm=eS01dl85MDZ0RTJwRTNqOH...

170 B
188 B

32ms
32ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQbgHUEyb0APLHdjSOqmH0F5et2MwIHXBpPhRS3mEGcfOlxaeV0vGYwYyx16r__j0i77nzegS4CCQe5NsNqCcq4nLI7DqKB&google_hm=eS01dl85MDZ0RTJwRTNqOHZUNEdSOVJQY1Z6QUM0SUVfTH5B

Requested by

Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 00:04:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 09 Jan 2024 00:04:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQbgHUEyb0APLHdjSOqmH0F5et2MwIHXBpPhRS3mEGcfOlxaeV0vGYwYyx16r__j0i77nzegS4CCQe5NsNqCcq4nLI7DqKB&google_hm=eS01dl85MDZ0RTJwRTNqOHZUNEdSOVJQY1Z6QUM0SUVfTH5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame D05B 43 B
363 B 122ms
33ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRUlFP_AisunlbVmSnzo8uab6jyJCNqzo75b2dqsq9QgVW0VqsPMmBEi1wqLkPKoh-MRFyPZKn2WGQhBrhwO1o5CoaZ0J4&google_gid=CAESEI7KAUOMNtuznXckJlJQNYc&google_cver=1

Requested by

Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 00:04:54 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 242985
expires: Tue, 09 Jan 2024 00:00:00 GMT

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame D05B 0
41 B 42ms
40ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELY8q-cmFL1pb3ZUQstnlYI&google_cver=1&google_push=AXcoOmQdIRGkO1C34AXTHiiJyvZThj5TsWon8u4Wa6dvheXhYQTmEKROR96cbKuyGti43X5JzA6d9L2PI9izROA7_oL_ezz8Z9gy
Requested by: Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 09 Jan 2024 00:04:54 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D05B
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTr-97nzJeB25kmMua4oCbHl_o83m-pbOcXLeEEmc0HuHT6VFufVNYG4FLtVXldURbzjOntrbZ_i56meZAkBucX_IW5Rrwz&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-75528251-5580-4c5c-ad72-008d2bfc7d89-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTr-97nzJeB25kmMua4o...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTr-97nzJeB25kmMua4oCbHl_o83m-pbOcXLeEEmc0HuHT6VFufVNYG4FLtVXldURbzjOntrbZ_i56meZAkBucX_IW5Rrwz&google_hm=A3VSglFVgExcrXIAjSv8fYk

170 B
188 B

26ms
25ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTr-97nzJeB25kmMua4oCbHl_o83m-pbOcXLeEEmc0HuHT6VFufVNYG4FLtVXldURbzjOntrbZ_i56meZAkBucX_IW5Rrwz&google_hm=A3VSglFVgExcrXIAjSv8fYk

Requested by

Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 00:04:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTr-97nzJeB25kmMua4oCbHl_o83m-pbOcXLeEEmc0HuHT6VFufVNYG4FLtVXldURbzjOntrbZ_i56meZAkBucX_IW5Rrwz&google_hm=A3VSglFVgExcrXIAjSv8fYk
date: Tue, 09 Jan 2024 00:04:55 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX7552825155804c5cad72008d2bfc7d89003
content-type: text/html

GET
H2

200

/
onetag-sys.com/match/ Frame D05B
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIqaX29S-ppe8X2gTCpyzZ4&google_cver=1&google_push=AXcoOmT0lo4owDRfHxs3GTWi6Yg2RVOi69L6HV9cko1NgTgQMmTj7QggVGxBWKPtfTqh7YjgRPnkuL77bK9...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT0lo4owDRfHxs3GTWi6Yg2RVOi69L6HV9cko1NgTgQMmTj7QggVGxBWKPtfTqh7YjgRPnkuL77bK9adw1igBIAjPbar8yhHA
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

25ms
25ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 00:04:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D05B 0
40 B 44ms
43ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LEHZWXp7mh5NflNPs5u6PdS0wdDH_jNekI_OyNmtyqknRc0cym1jw_pWRYQcYtR497UyYe2g

Requested by

Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 8A17 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4d3116590fe12f997a9a11ac10911517ee0a468ac563444edc374f16010158e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 297B 115 KB
14 KB 75ms
75ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h4mcgmt1jme0qbxszhasejfjs3txyh7n9552wy86ysmz61yp56dmkf2me83v2axgvw5ab8wp7bd3fndk79615ett8d1vmrrwrvzgjgxy8k7hb0m6g6xhcmyv1pesw6b5t9adywrv6605jg1cnamss6a6s1cz0h4758hbw9j9wtwwxhaxr9zmy6kdyx5p3x45130qtm9ahcjaagxsp76d5z13nyfc0c5va8an4s3jk4axvvrhade7wdjz4vabvra9wjsh7h979qk1by3bgsy6ppsex8a43c1qgjmh069j94kw4z4y1adv5n98rx1m82mj4s7shhak0wamzghcbrp0x2a924smd4k2ma3jvmrx6whx7242w0ayqc1t2qcqpy0d35km80nhyv2j8wpn4qtqj7bwpyre14wx57a755t4vrj0trsx96f4bc4zcmhdycnpggesm7f&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%26num%3D1%26sig%3DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%26client%3Dca-pub-6120805917655100%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h4mcgmt1jme0qbxszhasejfjs3txyh7n9552wy86ysmz61yp56dmkf2me83v2axgvw5ab8wp7bd3fndk79615ett8d1vmrrwrvzgjgxy8k7hb0m6g6xhcmyv1pesw6b5t9adywrv6605jg1cnamss6a6s1cz0h4758hbw9j9wtwwxhaxr9zmy6kdyx5p3x45130qtm9ahcjaagxsp76d5z13nyfc0c5va8an4s3jk4axvvrhade7wdjz4vabvra9wjsh7h979qk1by3bgsy6ppsex8a43c1qgjmh069j94kw4z4y1adv5n98rx1m82mj4s7shhak0wamzghcbrp0x2a924smd4k2ma3jvmrx6whx7242w0ayqc1t2qcqpy0d35km80nhyv2j8wpn4qtqj7bwpyre14wx57a755t4vrj0trsx96f4bc4zcmhdycnpggesm7f&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%26num%3D1%26sig%3DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%26client%3Dca-pub-6120805917655100%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2326514
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OcHkSJKo0IIygKU5FZDTLA0AJiAaY1rCuwuYRLIgo58JHgSoo4N1TqvY6mf58EOD3idR107SC4rzUw0IJVlgXgWudzUEhheIzUe38EGMXLEe%2Bpx5%2FWSiXBYBgfTt6wVrkpfnLiX65AE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 84286cf5fcee9b1f-FRA
expires: Wed, 10 Jan 2024 00:04:55 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 297B 24 KB
10 KB 124ms
124ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h4mcgmt1jme0qbxszhasejfjs3txyh7n9552wy86ysmz61yp56dmkf2me83v2axgvw5ab8wp7bd3fndk79615ett8d1vmrrwrvzgjgxy8k7hb0m6g6xhcmyv1pesw6b5t9adywrv6605jg1cnamss6a6s1cz0h4758hbw9j9wtwwxhaxr9zmy6kdyx5p3x45130qtm9ahcjaagxsp76d5z13nyfc0c5va8an4s3jk4axvvrhade7wdjz4vabvra9wjsh7h979qk1by3bgsy6ppsex8a43c1qgjmh069j94kw4z4y1adv5n98rx1m82mj4s7shhak0wamzghcbrp0x2a924smd4k2ma3jvmrx6whx7242w0ayqc1t2qcqpy0d35km80nhyv2j8wpn4qtqj7bwpyre14wx57a755t4vrj0trsx96f4bc4zcmhdycnpggesm7f&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%26num%3D1%26sig%3DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%26client%3Dca-pub-6120805917655100%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 485403
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9aXbMSvplg4%2Fml3VjQhooY0ns3Ci%2Ba229Z5MhGDlqwHzTu8NGBrh0tJZA%2BfUCdP7geMySNq8K5Fh9QQvcNoYFBdMilYsPtTMYS22U5V3Iw6mleweef5UJXIlrn7OSQxR1uoZuI0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 84286cf5fcef9b1f-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 27 Dec 2023 09:17:16 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 40ms
40ms Image
text/plain 18.245.60.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=20966896&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704758695356&ns_c=UTF-8&c7=https%3A%2F%2Fwww.melhoresdestinos.com.br%2F&c8=Melhores%20Destinos%20-%20Passagens%20a%C3%A9reas%20baratas&c9=
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-72.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
via: 1.1 5cf26f8164e0cad37f6634ff6aeac4ce.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-amz-cf-id: js8plSQdUWacF6tDgveXkS2uIrWCnpxRHbTowR1diTJET-p5yRYdZA==
x-cache: Miss from cloudfront

GET
H2 200 8ba07dcc278cb95cb008c6e507593ee9.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 96 KB
31 KB 43ms
43ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/8ba07dcc278cb95cb008c6e507593ee9.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0070/3630.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6d0824c232f1be9cf8778e2f91360b3562ac7464795f81882f95d22defbd146

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 07:22:31 GMT
server: cloudflare
age: 23831
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84286cf628e835ea-FRA
content-length: 31973

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame F358 115 KB
14 KB 109ms
109ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hzj67jjy60wdxe6x67422ngjs726rg8m6gnwa0g5t442tmvgn9nz8556hznc0s2k8bvyg8ncc3bh7nt9ykcbze9023qtvtxj9e060q5gdhkv8aa3198em8cbxnsgv4j0n31p582daa2tytteh490gd96ezgmfbmes4xa0t7qkrhrkfwrc9t6p80z19dkcxp8d60h9kdssk0ngg3zw8hztmh7k0zcvhaz768bd17e1jexvx3sdv54q18g6ec87fzd9cdd182tb642s59868633bm8wqaj1cksa969gfgg3jm20qhhf7bweja4497v3vvc3egjmvmxtvfmcsdmdf3fj2swz64tkz88pnhexr4n44bfr4s4b0e60kvwcp0jhqbdw86ey6jp29b0atbyyh8q107wm2apm7p0b0cgqebmeher6tsvzgjsb7yfkan1n7yqkw9qxve&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKlsXpo2cZb6MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0JrNHWABItPN-wmKp0sjgVs4Y2iFXwya43DSK2NwRFJj70TllDapgqsRTQfUM0Oc6m4AeKCC783S-GHblV_71SwqYjlQ00ATw6wmwqMAS0TSgcy0pD98-cn80OBe22mcuMcJSRO5y3RZ6IhDobLsoBs5-_cdlZMfLJLzymzWdRbI5oR0DUh3AIaSI1n4kiTn8sRj05DBeqt_4T9xGmWVZJsLUewZhletNrcQ8W2cGhPDlLtpdlGld6NRgKQZfxghlxNyriqZqW4lRhAPOWsj8-I3PNqj4xMbVDlvxa4aGMmT5D_4AXTSUI6gUQqjdP_ULGUpr0ynsVzZaxCauY6RVqK8nKJYkC6USJmAUL1EOBv0KK17EaAbTJhRC2CczTY-dAWTUVJQL43_hGd4bmBJY_4HGByXx24lYdzMSuACtF2q4AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3eedg4HPgwMVKDpVCB3cgwB50BUBgBcB%26num%3D1%26sig%3DAOD64_2FGGt69vZhY-aSs-IfNwungNBNSQ%26client%3Dca-pub-6120805917655100%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hzj67jjy60wdxe6x67422ngjs726rg8m6gnwa0g5t442tmvgn9nz8556hznc0s2k8bvyg8ncc3bh7nt9ykcbze9023qtvtxj9e060q5gdhkv8aa3198em8cbxnsgv4j0n31p582daa2tytteh490gd96ezgmfbmes4xa0t7qkrhrkfwrc9t6p80z19dkcxp8d60h9kdssk0ngg3zw8hztmh7k0zcvhaz768bd17e1jexvx3sdv54q18g6ec87fzd9cdd182tb642s59868633bm8wqaj1cksa969gfgg3jm20qhhf7bweja4497v3vvc3egjmvmxtvfmcsdmdf3fj2swz64tkz88pnhexr4n44bfr4s4b0e60kvwcp0jhqbdw86ey6jp29b0atbyyh8q107wm2apm7p0b0cgqebmeher6tsvzgjsb7yfkan1n7yqkw9qxve&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKlsXpo2cZb6MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0JrNHWABItPN-wmKp0sjgVs4Y2iFXwya43DSK2NwRFJj70TllDapgqsRTQfUM0Oc6m4AeKCC783S-GHblV_71SwqYjlQ00ATw6wmwqMAS0TSgcy0pD98-cn80OBe22mcuMcJSRO5y3RZ6IhDobLsoBs5-_cdlZMfLJLzymzWdRbI5oR0DUh3AIaSI1n4kiTn8sRj05DBeqt_4T9xGmWVZJsLUewZhletNrcQ8W2cGhPDlLtpdlGld6NRgKQZfxghlxNyriqZqW4lRhAPOWsj8-I3PNqj4xMbVDlvxa4aGMmT5D_4AXTSUI6gUQqjdP_ULGUpr0ynsVzZaxCauY6RVqK8nKJYkC6USJmAUL1EOBv0KK17EaAbTJhRC2CczTY-dAWTUVJQL43_hGd4bmBJY_4HGByXx24lYdzMSuACtF2q4AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3eedg4HPgwMVKDpVCB3cgwB50BUBgBcB%26num%3D1%26sig%3DAOD64_2FGGt69vZhY-aSs-IfNwungNBNSQ%26client%3Dca-pub-6120805917655100%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2326514
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWUo09nKjrsaE8u3TPWlmg2Nga2SBK99iQExY6%2FLqLyTq%2Ba5QRrapFeUzBc7ctfjk1NUe4Uqoa1V%2By0wGcosLlMOg1%2BSOrd82HIsISvHZ14q6dlWILTQ%2BKBuIVlAdvx4uSoINFib72w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 84286cf63d0a9b1f-FRA
expires: Wed, 10 Jan 2024 00:04:55 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame F358 24 KB
10 KB 134ms
134ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hzj67jjy60wdxe6x67422ngjs726rg8m6gnwa0g5t442tmvgn9nz8556hznc0s2k8bvyg8ncc3bh7nt9ykcbze9023qtvtxj9e060q5gdhkv8aa3198em8cbxnsgv4j0n31p582daa2tytteh490gd96ezgmfbmes4xa0t7qkrhrkfwrc9t6p80z19dkcxp8d60h9kdssk0ngg3zw8hztmh7k0zcvhaz768bd17e1jexvx3sdv54q18g6ec87fzd9cdd182tb642s59868633bm8wqaj1cksa969gfgg3jm20qhhf7bweja4497v3vvc3egjmvmxtvfmcsdmdf3fj2swz64tkz88pnhexr4n44bfr4s4b0e60kvwcp0jhqbdw86ey6jp29b0atbyyh8q107wm2apm7p0b0cgqebmeher6tsvzgjsb7yfkan1n7yqkw9qxve&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKlsXpo2cZb6MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0JrNHWABItPN-wmKp0sjgVs4Y2iFXwya43DSK2NwRFJj70TllDapgqsRTQfUM0Oc6m4AeKCC783S-GHblV_71SwqYjlQ00ATw6wmwqMAS0TSgcy0pD98-cn80OBe22mcuMcJSRO5y3RZ6IhDobLsoBs5-_cdlZMfLJLzymzWdRbI5oR0DUh3AIaSI1n4kiTn8sRj05DBeqt_4T9xGmWVZJsLUewZhletNrcQ8W2cGhPDlLtpdlGld6NRgKQZfxghlxNyriqZqW4lRhAPOWsj8-I3PNqj4xMbVDlvxa4aGMmT5D_4AXTSUI6gUQqjdP_ULGUpr0ynsVzZaxCauY6RVqK8nKJYkC6USJmAUL1EOBv0KK17EaAbTJhRC2CczTY-dAWTUVJQL43_hGd4bmBJY_4HGByXx24lYdzMSuACtF2q4AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3eedg4HPgwMVKDpVCB3cgwB50BUBgBcB%26num%3D1%26sig%3DAOD64_2FGGt69vZhY-aSs-IfNwungNBNSQ%26client%3Dca-pub-6120805917655100%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 485403
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxZTKRFBBoRa1%2Fh2rW7hwKGY5J4ZyQWlgPGgSmyubHUy28yXLeyfriD1MLN6s0N3r21TT3efAATOLlRIFqrkcFI0tvFg7NdtKsfRNeTrTSMfqEqhvvymhoteoOcFvM%2Fahfpkxs0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 84286cf63d0c9b1f-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 27 Dec 2023 09:17:16 GMT

GET
H2 200 www.melhoresdestinos.com.br.json Show response
script.crazyegg.com/pages/data-scripts/0070/3630/sampling/ 184 B
252 B 35ms
35ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0070/3630/sampling/www.melhoresdestinos.com.br.json?t=473544
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/8ba07dcc278cb95cb008c6e507593ee9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6150b7f1f2b4e52b25a34140eb1752b1cfe19a7bb05edff4a361f403208d1df9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 23384
ce-version: 11.5.164
content-length: 159
last-modified: Mon, 08 Jan 2024 17:35:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84286cf67bcd30c4-FRA

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 10 KB
3 KB 22ms
20ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 428f350bd53281aeb92b949ccc048356f66823858401537ef57c712bf179fe3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-599
cdn-cachedat: 01/08/2024 14:07:46
cdn-pullzone: 293267
last-modified: Tue, 12 Dec 2023 20:02:02 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6578bc3a-2644"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: ba7400bb8e48a06f11c6f1c054c6ac5c
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 24907 Show response
api.omappapi.com/v2/embed/ 6 KB
2 KB 164ms
113ms XHR
application/json 18.66.248.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/24907?d=melhoresdestinos.com.br
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-83.dus51.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 23fc33aba2893547f5de3696974d9a00debef206f738a3f8ff3e81caad3dce16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: gzip
via: 1.1 acf8dc23ea92f292049638fbd5d718e2.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: DUS51-P1
x-cache-status: HIT
x-cache: Miss from cloudfront
x-optinmonster-account: 2130
x-user-agent: standard--
last-modified: Wed, 09 Aug 2023 19:29:35 GMT
server: Pagely Gateway/1.5.1
etag: W/"1455ac929f5399bb8f2cc86e6bfddcdc"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: EXKbZ21nlaGr1CGlP9uFeU_Y8dEBD2PJfw1e8V1VTy1t7btFpKT1PA==
expires: Tue, 09 Jan 2024 00:03:51 GMT

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
472 B 70ms
20ms XHR
application/json 18.66.248.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/8ba07dcc278cb95cb008c6e507593ee9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-28.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 01:43:28 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
age: 9584488
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: LvxffhpZtNaNErJyTQwcpTCDeFZvE3_2ozESeEO0Wb6IbOXpKNd7Bg==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
471 B 71ms
21ms XHR
application/json 18.66.248.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/8ba07dcc278cb95cb008c6e507593ee9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-37.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 04:00:49 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
age: 12341047
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: 3ICaHNZv_St9cR3K56mKTFz3nns1YCpINF9PPy5Ao4kyLFZ-k9bhhA==

GET
H2 200 in.php Show response
in.getclicky.com/ 131 B
282 B 200ms
192ms Script
text/javascript 2606:4700::6811:626c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=41003&href=%2F&title=Melhores%20Destinos%20-%20Passagens%20a%C3%A9reas%20baratas&res=1600x1200&lang=en-US&tz=Europe%2FBerlin&tc=&ck=1&x=23gzr6
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/41003.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:626c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d6c2aa0a446364169fba9251e31da41e2f618a09e3cceae2fccd617508e372f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
cf-ray: 84286cf6fb24362f-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
BLOB 200
OK 1063c370-0110-4ad6-9c78-6ec90e73640f
https://www.melhoresdestinos.com.br/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.melhoresdestinos.com.br/1063c370-0110-4ad6-9c78-6ec90e73640f
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 297B 350 B
913 B 78ms
30ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4275942
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QglCkbyz6XG5QlreKsK5z8B73ZNDhYD4%2F%2FNWo1O%2F2EZ%2F%2Bg8zC6piIn3QPELnqB7JPJVu29AIw%2BNYjZmcZr89FZ4PVKAqammhrVcsJxEDnJ9W6lOyLY3cj6Rlwod5Jo4o8aCSfqGShhwwqCC882Yf4j05"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84286cf72cbf18d3-FRA
expires: Tue, 19 Nov 2024 11:23:05 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 332E 2 KB
1 KB 32ms
32ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 850883
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 84286cf6ed699b1f-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Tue, 09 Jan 2024 00:04:55 GMT
expires: Wed, 29 Nov 2023 11:19:10 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mFMRZdbq6DkE0Md2%2F9MsC%2F1AbEu5gWsjylix9vv9Gz9NLqcERxcGK0MtA6x20ANElOUr9UdcYOnHAKycJTBdd5mIFSmby9r5ROrbvZocbKbGMZTH2VhM8Ij1UyLM23OMCJ%2B6TA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 65D2 0
0 59ms
58ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CATz2po2cZb6MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEvwJP0JrNHWABItPN-wmKp0sjgVs4Y2iFXwya43DSK2NwRFJj70TllDapgqsRTQfUM0Oc6m4AeKCC783S-GHblV_71SwqYjlQ00ATw6wmwqMAS0TSgcy0pD98-cn80OBe22mcuMcJSRO5y3RZ6IhDobLsoBs5-_cdlZMfLJLzymzWdRbI5oR0DUh3AIaSI1n4kiTn8sRj05DBeqt_4T9xGmWVZJsLUewZhletNrcQ8W2cGhPDlLtpdlGld6NRgKQZfxghlxNyriqZqW4lRhAPOWsj8-I3PNqj4xMbVDlvxa4aGMmT5D_4AXTSUI6gUQqjdP_ULGUpr0ynsVzZaxCauY6RVqK8nKJYkC6USJmAUL1EOBv0KK17EaAbTNpTKvJLNLF-vILbx4gZvX_GkG3VZE5Rvn7FUY5vU3AJeQkQ1aDK4AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MDgAoD-gsCCAGADAHiDRMI3eedg4HPgwMVKDpVCB3cgwB50BUBgBcBshccChoSFHB1Yi02MTIwODA1OTE3NjU1MTAwGKyvBg&sigh=J7apXNDMeJQ&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf__Zan-qG0Itetjw60u_LkSDNVsIJjPz2LQ0WXWRQelx_aSe2e40iutcB5QjWFlG1vdb-adhgLbBgB&cbvp=2&vis=1
Requested by: Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 65D2 0
39 B 24ms
24ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g3vx0psbzp1h7m7eb8d7ys5g9kpks9admbpfe88jmk8xt9ejgx826x42scdkhx4g25a6xn76t21rrh5f1w8s8eh4a287zmj2gkzdy286j1cenffbtxt9ztmv4g3xwtrwwz46q9nptegb37e2tqxzr67db6cfjjy9qsbdwfe8ybc0eqywcbg466jay8xp4e2wt2q1nsep1tk8v1rz613r1nyx6m7nhekr7k0jaj7m05epm8wxwqgnzaxh3zk41411xej29ymbjqwxg1fsgmhfna2n0be3cyvnwpm9dca92afcbwexzrtdznrb916hdg4sdw70wxz2khrcq94gnf43afd9jcb6cvbwhcxwegwfv25xhbmae84bagvnp7fc7rp6np2cmecznspb5g&b=ZZyNpgAFhj4IVTooAACD3CUPQRI8Rtej-X_AMA&cbvp=2
Requested by: Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Jan 2024 00:04:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 2765 2 KB
1 KB 25ms
25ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 850883
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 84286cf71d719b1f-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Tue, 09 Jan 2024 00:04:55 GMT
expires: Wed, 29 Nov 2023 11:19:10 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRglH%2B7utblNOZil6NT75nww1%2FiYvWSZtahDxg6ccJnKVFchdUgNIGzIyOiCVphSNE3THC8nyJD7QXPNcNfp0fwvu7pq3TFdpjqpZFny%2Bdj9KkFux%2Bu9PtRjLunY1dUS7B52kXQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 36ms
36ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84286cf72e1e8ff5-FRA
content-length: 24
content-type: text/plain
date: Tue, 09 Jan 2024 00:04:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAxeUCmnA0kIM1zuO%2B8OF2xMf5XvhhAiPsbKY3kwFRhyvrSpHaNbVz0%2BQr%2FGhuhjOE2dTrKp3lhtPoRXc7RPetH7N6aq0D8fjW31IzlBW2FYpYXCh3wvzdBV53O0bJcXu9wDf8w%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-7gmt

POST
H3 200 rs Show response
ad4m.at/ Frame 297B 2 KB
2 KB 41ms
41ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab31f0c52d39ade8f507820b55c06fdadd288290829a359e75993c81748d2b36

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGGcFbVoxJi1ApaV1jELaypz2n4xC4i3nLBsC2A60XA9iGr%2Bsynbnh7sxOpw57AUe2ee35afMdLcTILl%2FCI0oDFeRV%2FgTZuLR9lBF2Fe6rI1UTNNTNVuYOP3Hioc%2FEghXjqcdkE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 84286cf76e308ff5-FRA
x-backend-server: aa-reachservice-group-europe-west1-7gmt
alt-svc: h3=":443"; ma=86400

GET
H2 200 clock Show response
tracking.crazyegg.com/ 26 B
133 B 148ms
48ms XHR
text/plain 34.253.106.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1704758695542&tk=9f6faafe404f9e6744d91c137c0f78c6&s=276365&p=%2F&u=703630&v=3150712bdab9b9d5eeea47a27c3866a2c22f0954&f=melhoresdestinos.com.br&ul=https%3A%2F%2Fwww.melhoresdestinos.com.br%2F
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/8ba07dcc278cb95cb008c6e507593ee9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.106.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-106-93.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 73de04e024e0e8d40f62ee75e433b7906f23094ece20aacbd2015c0c000d5a62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Jan 2024 00:04:55 GMT
cache-control: no-store
server: awselb/2.0
content-length: 26
content-type: text/plain

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8A17 0
0 60ms
60ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C0pYupo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEvgJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXvmtRXA29WiCcpvthwdi0KbJnYlAz9oyr2sEhbW4YCLDMSw2xfU-3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwOACgP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwGyFxwKGhIUcHViLTYxMjA4MDU5MTc2NTUxMDAYrK8G&sigh=4cQ-odH0L3E&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf__Zan-qG0Itetjw60u_LkSDNVsIJjPz2LQ0WXWRQelx_aSe2e40iutcB5QjWFlG1vdb-adhgLbBgB&cbvp=2&vis=1
Requested by: Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame 8A17 0
11 B 23ms
23ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kgz73sb1g2rvrgbccvpk7yb61d4vm2s7gd4xt1x748ksxc2k59yyadt88jva77nnfx10hx639p2rnvc10e0e8y3mbfc0v2q8zgs017e2dtwsgbpb0vh1q4fev0gz5agkdzhsgh12t41jyy6g81nxjh5j8759254a28swmve3swbnrm79p9b656ecnmbzwh0g7x78p9bzkj66svcnz0pkp4ebhhz8gcjsgf3ftnnnahd8fnbtcept5b62n0sw7yrdajkvg77m9w2m8e1v8g5cx8sprt54ntnja3kfypgc6hhzg31y7jb6qmnn379x3x48x2e2yqvv54camedszgvv2nqx25xvvkkds97w298cqz5e3fzewgagjfx3yham9p0qqgk3bwbx01rhhr&b=ZZyNpgAFhjwIVTooAACD3Nf-WU-0evu3I2XRXg&cbvp=2
Requested by: Host: 5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
URL: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Jan 2024 00:04:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame A001 13 KB
5 KB 36ms
32ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=c5fa743b39a02594cbcc60731a801ec0%2F8878562932021235608&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695597&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kt46gd71yv7k4t1g4sxj9t8dv7gwtvyefckaynd2051dkevz8bq76jty6j2gb963tj8gtgpvp4e4yeymvsn0adg9zjgs32df1vs3ke6h03twbvtphyc9e7wg8xa9cb0hbvnt98adwvttb2b4azj0wb0968qfh66g98ct1qpcvm0sjm7rada544hegpvye66s0hydvmnnmfxfwz2q8t5p4n1y6cnv5r6m8ys59243mwjywy9arksdd0e0fsd7r3h36t0hjav8mtbrgksmzg77vjx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07bd2e868d32456709e646d24236c7e8bd3c1a453258c89597772a53eae52799

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1h4mcgmt1jme0qbxszhasejfjs3txyh7n9552wy86ysmz61yp56dmkf2me83v2axgvw5ab8wp7bd3fndk79615ett8d1vmrrwrvzgjgxy8k7hb0m6g6xhcmyv1pesw6b5t9adywrv6605jg1cnamss6a6s1cz0h4758hbw9j9wtwwxhaxr9zmy6kdyx5p3x45130qtm9ahcjaagxsp76d5z13nyfc0c5va8an4s3jk4axvvrhade7wdjz4vabvra9wjsh7h979qk1by3bgsy6ppsex8a43c1qgjmh069j94kw4z4y1adv5n98rx1m82mj4s7shhak0wamzghcbrp0x2a924smd4k2ma3jvmrx6whx7242w0ayqc1t2qcqpy0d35km80nhyv2j8wpn4qtqj7bwpyre14wx57a755t4vrj0trsx96f4bc4zcmhdycnpggesm7f&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%26num%3D1%26sig%3DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%26client%3Dca-pub-6120805917655100%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84286cf7cd919b1f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 00:04:55 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 5.c3191d3c.min.js Show response
a.omappapi.com/app/js/ 16 KB
6 KB 13ms
13ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/5.c3191d3c.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 745b79544835c8ee16198c039bdde0b6ec42333c0f830df5770bd4dcd60a6ac6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-679
cdn-cachedat: 01/08/2024 14:07:46
cdn-pullzone: 293267
last-modified: Wed, 25 Oct 2023 17:45:58 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 709
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65395456-4146"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: fce025ee8e284aa6daab1352fe4d0b4b
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bandeirabrasil01-6a76590897.jpg
imgmd.net/image/upload/c_fill,w_200/v1/passagens/image/588/file/ 7 KB
7 KB 444ms
144ms Image
image/jpeg 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgmd.net/image/upload/c_fill,w_200/v1/passagens/image/588/file/bandeirabrasil01-6a76590897.jpg

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

761568e43b7654d306e7fb7a1edbe1ba6336b0e20f68c14eb9dc74b104838142

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:56 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-gocache-image: unmodified
x-gocache-cachestatus: HIT
server-timing: cld-fastly;mitm=o;dur=2;cpu=1;start=2023-12-27T23:25:51.909Z;desc=hit,rtt;dur=1
content-length: 7028
last-modified: Mon, 22 Jun 2020 23:24:44 GMT
server: gocache
etag: "3dd9725e18fac4e8a5007658c38b0b42"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 00:04:56 GMT

GET
H2 200 bandeiraestadosunidos01-247181611e.jpg
imgmd.net/image/upload/c_fill,w_200/v1/passagens/image/656/file/ 8 KB
9 KB 718ms
418ms Image
image/jpeg 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgmd.net/image/upload/c_fill,w_200/v1/passagens/image/656/file/bandeiraestadosunidos01-247181611e.jpg

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

2bb98b92ff1f00dc7e58f86b35993849ac27f95351a9f7cc561df24c916da282

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:56 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-gocache-image: unmodified
x-gocache-cachestatus: HIT
server-timing: cld-fastly;mitm=po;dur=2;cpu=0;start=2024-01-01T00:37:15.081Z;desc=hit,rtt;dur=0
content-length: 8689
last-modified: Thu, 17 Sep 2020 15:13:13 GMT
server: gocache
etag: "04a2483374146b535b5e35f5ecd84a1d"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 00:04:56 GMT

GET
H2 200 paris03-15f5a05f7b.jpg
imgmd.net/image/upload/c_fill,w_200/v1/passagens/image/420/file/ 16 KB
16 KB 718ms
418ms Image
image/jpeg 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgmd.net/image/upload/c_fill,w_200/v1/passagens/image/420/file/paris03-15f5a05f7b.jpg

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

af1033f7c8076dcb04c18587d17ed521ec442d135fe53609b476d06ba26add0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:56 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-gocache-image: unmodified
x-gocache-cachestatus: HIT
server-timing: fastly;dur=2;cpu=0;start=2022-12-23T12:03:28.195Z;desc=hit,rtt;dur=0
content-length: 15901
last-modified: Wed, 20 May 2020 20:22:29 GMT
server: gocache
etag: "b66d0e0d7d5cdd366755d3455fe122fa"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 00:04:56 GMT

GET
H2 200 mapa-argentina-01-f7eb26ba25.jpg
imgmd.net/image/upload/c_fill,w_200/v1/passagens/image/154/file/ 16 KB
16 KB 583ms
283ms Image
image/jpeg 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgmd.net/image/upload/c_fill,w_200/v1/passagens/image/154/file/mapa-argentina-01-f7eb26ba25.jpg

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

19993270973a1eb5c2d0c24d930480d169e55924fbf99dee40e774ecb80cd887

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:56 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-gocache-image: unmodified
x-gocache-cachestatus: HIT
server-timing: cld-fastly;mitm=o;dur=2;cpu=1;start=2023-12-26T23:11:44.470Z;desc=hit,rtt;dur=1
content-length: 15931
last-modified: Wed, 20 May 2020 20:22:29 GMT
server: gocache
etag: "937254568a00c0c6a4a137e504959004"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 00:04:56 GMT

GET
H2 200 bangkok02-e89e1d15cc.jpg
imgmd.net/image/upload/c_fill,w_200/v1/passagens/image/162/file/ 13 KB
13 KB 720ms
420ms Image
image/jpeg 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgmd.net/image/upload/c_fill,w_200/v1/passagens/image/162/file/bangkok02-e89e1d15cc.jpg

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

4cc96468621acfdc7ff7744414fa46a1f1b0f4acbfdbdb06c03cd035f53a2600

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:56 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-gocache-image: unmodified
x-gocache-cachestatus: HIT
server-timing: cld-fastly;mitm=o;dur=1;cpu=0;start=2023-12-30T10:52:17.648Z;desc=hit,rtt;dur=1
content-length: 12927
last-modified: Wed, 20 May 2020 20:22:28 GMT
server: gocache
etag: "b9e46f2c27e3549b79ea48c6c335f294"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 00:04:56 GMT

GET
H2 200 cancun02-2c11838d21.jpg
imgmd.net/image/upload/c_fill,w_200/v1/passagens/image/187/file/ 14 KB
14 KB 716ms
417ms Image
image/jpeg 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgmd.net/image/upload/c_fill,w_200/v1/passagens/image/187/file/cancun02-2c11838d21.jpg

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

b8f45e511cad59d2b012be1c2bb3b762c4d66b919d732be3a935ddd76325903c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:56 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-gocache-image: unmodified
x-gocache-cachestatus: HIT
server-timing: fastly;dur=3;cpu=1;start=2022-09-06T17:03:27.808Z;desc=hit,rtt;dur=0
content-length: 14177
last-modified: Wed, 20 May 2020 20:22:29 GMT
server: gocache
etag: "4f0a3bbb3c53bd4ab1a97fc46843a388"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 00:04:56 GMT

GET
H2 200 dubai01-ba177263ff.jpg
imgmd.net/image/upload/c_fill,w_200/v1/passagens/image/214/file/ 10 KB
10 KB 276ms
275ms Image
image/jpeg 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgmd.net/image/upload/c_fill,w_200/v1/passagens/image/214/file/dubai01-ba177263ff.jpg

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

d653f1b06327b82fc8e17923f289ca268b8c3a19a62f64c761e888a8be375988

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:56 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-gocache-image: unmodified
x-gocache-cachestatus: HIT
server-timing: fastly;dur=2;cpu=1;start=2022-03-04T12:04:04.398Z;desc=hit,rtt;dur=0
content-length: 10086
last-modified: Wed, 20 May 2020 20:22:31 GMT
server: gocache
etag: "4ad2841c92f99c0a6a8901ee9316115b"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 00:04:56 GMT

GET
H2 200 toronto01-e8e36ebfe3.jpg
imgmd.net/image/upload/c_fill,w_200/v1/passagens/image/471/file/ 16 KB
17 KB 276ms
275ms Image
image/jpeg 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgmd.net/image/upload/c_fill,w_200/v1/passagens/image/471/file/toronto01-e8e36ebfe3.jpg

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

242f284b8dc10f2076ad6f016fea39fa9213b53e00a548a32fe5f0b60b8ed1b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:56 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-gocache-image: unmodified
x-gocache-cachestatus: HIT
server-timing: cld-fastly;mitm=o;dur=2;cpu=0;start=2023-09-04T10:59:37.654Z;desc=hit,rtt;dur=1
content-length: 16418
last-modified: Wed, 20 May 2020 20:22:30 GMT
server: gocache
etag: "e9388abdfbf538b3dc2cfe39273a8c9b"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 00:04:56 GMT

GET
H2 200 joanesburgo01-294fccc424.jpg
imgmd.net/image/upload/c_fill,w_200/v1/passagens/image/256/file/ 15 KB
15 KB 276ms
276ms Image
image/jpeg 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgmd.net/image/upload/c_fill,w_200/v1/passagens/image/256/file/joanesburgo01-294fccc424.jpg

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

5d802eb06232195d9320d35faad7f61141e7ef0c773eacd029f761d64967a938

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:56 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-gocache-image: unmodified
x-gocache-cachestatus: HIT
server-timing: cld-fastly;mitm=o;dur=2;cpu=1;start=2024-01-02T23:45:12.837Z;desc=hit,rtt;dur=1
content-length: 14949
last-modified: Wed, 20 May 2020 20:22:29 GMT
server: gocache
etag: "72410ac34a17cacfbeb95f1734fdd0f9"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 00:04:56 GMT

GET
H2 200 sydney01-85ab3434fa.jpg
imgmd.net/image/upload/c_fill,w_200/v1/passagens/image/465/file/ 11 KB
12 KB 276ms
276ms Image
image/jpeg 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgmd.net/image/upload/c_fill,w_200/v1/passagens/image/465/file/sydney01-85ab3434fa.jpg

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

2bc8ef30f6d402126a93f7f2f36753e90c569a1a356905952d0e8e2a4935adbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:56 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-gocache-image: unmodified
x-gocache-cachestatus: HIT
server-timing: fastly;dur=2;cpu=0;start=2022-03-04T12:49:00.449Z;desc=hit,rtt;dur=0
content-length: 11236
last-modified: Wed, 20 May 2020 20:22:30 GMT
server: gocache
etag: "a1e95e828a235ed23b9fc395451102c1"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 00:04:56 GMT

GET
H2 200 4.1dae6b4d.min.js Show response
a.omappapi.com/app/js/ 48 KB
14 KB 7ms
7ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/4.1dae6b4d.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 8d7293476de0d15a9417a6f896f642845e90a174c74455e095f5f9a69768b51c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-663
cdn-cachedat: 01/08/2024 14:07:46
cdn-pullzone: 293267
last-modified: Wed, 01 Nov 2023 17:12:10 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"654286ea-c029"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: dcf037d132971dfca564844a7b0a7c96
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 28ms
28ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84286cf7de548ff5-FRA
content-length: 24
content-type: text/plain
date: Tue, 09 Jan 2024 00:04:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGxWTPIYPKqP%2FLbLp4qrk4gvEEVT2qn0ZjmSNo17Ktr1mUnSGJ9%2FnoQUl9pQD36db0aUMEq1bhkd%2B0A042YChBrl3C4Vwfhrt3ELE2G2sfr6bby4Xs%2Fko05il2nmDL9YZoR5WO4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-7gmt

POST
H3 200 rs Show response
ad4m.at/ Frame F358 1 KB
2 KB 37ms
36ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 574f09eef32236ecab7df1b0321e48ac73438105c06cc10fa909e6e3fc7f1e6c

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2FuA3qhHaAnBSlsvhD2xPBa7L8nS4JiOFVBZP%2FtxETP2aJRroqSFBXtaF9QD2NW8rZNGLi0P0kC%2FeJhwj%2F6f3lJogLAaG8EN5tEBhiAMmD1KjzRqTjUZnG6doVl5MCxMMHdN2t8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 84286cf81e678ff5-FRA
x-backend-server: aa-reachservice-group-europe-west1-7gmt
alt-svc: h3=":443"; ma=86400

GET
H2 200 20.1d4b97e9.min.js Show response
a.omappapi.com/app/js/ 4 KB
2 KB 7ms
7ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/20.1d4b97e9.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: e1b149f9dffc3130750034a65c4a1d2cbefe7ffcef67fcb368f292a065aabeef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-587
cdn-cachedat: 01/08/2024 14:07:46
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:38 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2a-1062"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: dbe78daf8945720375bb96d5e1ccfd6b
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 19.b93023b7.min.js Show response
a.omappapi.com/app/js/ 4 KB
3 KB 13ms
9ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/19.b93023b7.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 263c3a799ea39e2db3c3347bab23a9f98990d9d9633d2d8b833d8766c3dc2b36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-164
cdn-cachedat: 01/08/2024 14:07:46
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:40 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2c-10b0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 5e210f137fb0aeac73f3ce729f6bdad0
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 27.78393e5b.min.js Show response
a.omappapi.com/app/js/ 6 KB
3 KB 14ms
10ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/27.78393e5b.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 5405f21fd05a73a76a85b2021b366df4dcd00dd93ad956d671776622ea5e1ffc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-599
cdn-cachedat: 01/08/2024 14:07:46
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:43 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2f-1973"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 30c55633a5142434107e5d1f8d6157f9
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 32.b9065693.min.js Show response
a.omappapi.com/app/js/ 11 KB
5 KB 16ms
12ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/32.b9065693.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 978277c7385002bbd8eca4f51d7bdac7424ef8c6d267066e36b018b25bf88f7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-662
cdn-cachedat: 01/08/2024 14:07:46
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:33 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f25-2c41"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: e8f5519c52c7388cd17045aa53f094d8
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 10.acdc9ced.min.js Show response
a.omappapi.com/app/js/ 33 KB
10 KB 19ms
15ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/10.acdc9ced.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 21111013521ce045115ade20ed1b0ac09b102688f010ecf84bb7f3f53574456c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-679
cdn-cachedat: 01/08/2024 14:07:46
cdn-pullzone: 293267
last-modified: Tue, 12 Dec 2023 19:57:31 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6578bb2b-8515"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 9d0bed81199c609909f06f22cec81ded
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 0.514c5def.min.js Show response
a.omappapi.com/app/js/ 7 KB
3 KB 21ms
17ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/0.514c5def.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: a0746aee5a2b0032d3d664b8383d97bb3e1f0dce11ececfa1258072a704b1a72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-679
cdn-cachedat: 01/08/2024 14:07:46
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:37 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f29-1d49"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: f7af131992f117f747fd3117071569ff
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 9.c66ab701.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 22ms
18ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/9.c66ab701.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 8ad9a6bcdc20b0bb29576b861332e7b11719bd11af68024d7676724574070f05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-662
cdn-cachedat: 01/08/2024 14:07:46
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 18:28:00 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"650896b0-879"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: f8a581596fbd18751c49fb1b0b55e60f
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 11.38e902ad.min.js Show response
a.omappapi.com/app/js/ 3 KB
2 KB 23ms
19ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/11.38e902ad.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: c110d3e795d9bcb956d5c9ef500d23c7e480a259519d383d5c626293ee413815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-599
cdn-cachedat: 01/08/2024 14:07:46
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:37 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f29-a40"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: aaa4b24cde0c5f26595eac01b6bfd9b8
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 28.377be946.min.js Show response
a.omappapi.com/app/js/ 3 KB
2 KB 24ms
20ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/28.377be946.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 8f927cd54d7ef0ffd667f6537f9a9f3ef56fd8f86b32c8dfd534c29da2f2242a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-164
cdn-cachedat: 01/08/2024 14:07:46
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:51 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f37-d7b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 20889b2b0de5b12e7d6b7f3f2618a8b8
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 26.1898e425.min.js Show response
a.omappapi.com/app/js/ 2 KB
1 KB 24ms
21ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/26.1898e425.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: c6fd60d4ecfcac36ecdcb7456ecf170d8eef75c883a1e34a4dd7855d23966cd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-587
cdn-cachedat: 01/08/2024 14:07:46
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:40 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 588
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2c-6b6"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 421feeb409c981f985ae2510415377b8
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 16.0e435a6f.min.js Show response
a.omappapi.com/app/js/ 1 KB
1 KB 25ms
22ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/16.0e435a6f.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: c4fbf61bcc8a017d5d9cd2d95105bf88005bc0a3b6c18be6bfee8fc94d0adf52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-677
cdn-cachedat: 01/08/2024 14:07:46
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:35 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f27-51f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 172382858d5afcaecbcb0ef1262d67b2
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1.ea963399.min.js Show response
a.omappapi.com/app/js/ 11 KB
3 KB 26ms
23ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/1.ea963399.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 6507a044d207a767ec2971e891b149b58d6d32a6ee1b18068a6d6dd36bc5fa9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-661
cdn-cachedat: 01/08/2024 14:07:46
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:50 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f36-2abc"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: d664c63839f09ceda7a8eb48d2bd0ff3
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 21.5aa698b1.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 27ms
24ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/21.5aa698b1.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 5c756ba00bc22ff5690e08fc74aa2c70cde9b692a4acb7ca813a9dc7168c27d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-167
cdn-cachedat: 01/08/2024 14:07:46
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:35 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f27-81f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: d661726b35e2206a99ca8d08c92be2ce
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame A001 115 KB
14 KB 25ms
25ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=c5fa743b39a02594cbcc60731a801ec0%2F8878562932021235608&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695597&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kt46gd71yv7k4t1g4sxj9t8dv7gwtvyefckaynd2051dkevz8bq76jty6j2gb963tj8gtgpvp4e4yeymvsn0adg9zjgs32df1vs3ke6h03twbvtphyc9e7wg8xa9cb0hbvnt98adwvttb2b4azj0wb0968qfh66g98ct1qpcvm0sjm7rada544hegpvye66s0hydvmnnmfxfwz2q8t5p4n1y6cnv5r6m8ys59243mwjywy9arksdd0e0fsd7r3h36t0hjav8mtbrgksmzg77vjx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=c5fa743b39a02594cbcc60731a801ec0%2F8878562932021235608&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695597&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kt46gd71yv7k4t1g4sxj9t8dv7gwtvyefckaynd2051dkevz8bq76jty6j2gb963tj8gtgpvp4e4yeymvsn0adg9zjgs32df1vs3ke6h03twbvtphyc9e7wg8xa9cb0hbvnt98adwvttb2b4azj0wb0968qfh66g98ct1qpcvm0sjm7rada544hegpvye66s0hydvmnnmfxfwz2q8t5p4n1y6cnv5r6m8ys59243mwjywy9arksdd0e0fsd7r3h36t0hjav8mtbrgksmzg77vjx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2326514
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22HwCzdn23gIjngQVmgN3WkbjAAronCKqj1C2jEMMqSQ5q%2Bb5OFRW%2FGU2bNf9wfGQd7PVVtL33FWUne2GQdnr3yPqfEcRkIIT7YSOmgf7imuz9L5lJLPyjufldgPf2SM0zNGJBVqAbE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 84286cf80d9d9b1f-FRA
expires: Wed, 10 Jan 2024 00:04:55 GMT

GET
H3 200 4CF27F3A6A2F6D91C5A3622C8F01C9A26CFA811CA6347403820EFE1173CC3C68B9FBEA4FDD4B7737FA67797C095DA1E54C193B8458F430E3BCD6ACC6B33929DA
assets.ad4m.at/logo/ Frame A001 10 KB
10 KB 46ms
44ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/4CF27F3A6A2F6D91C5A3622C8F01C9A26CFA811CA6347403820EFE1173CC3C68B9FBEA4FDD4B7737FA67797C095DA1E54C193B8458F430E3BCD6ACC6B33929DA
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=c5fa743b39a02594cbcc60731a801ec0%2F8878562932021235608&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695597&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kt46gd71yv7k4t1g4sxj9t8dv7gwtvyefckaynd2051dkevz8bq76jty6j2gb963tj8gtgpvp4e4yeymvsn0adg9zjgs32df1vs3ke6h03twbvtphyc9e7wg8xa9cb0hbvnt98adwvttb2b4azj0wb0968qfh66g98ct1qpcvm0sjm7rada544hegpvye66s0hydvmnnmfxfwz2q8t5p4n1y6cnv5r6m8ys59243mwjywy9arksdd0e0fsd7r3h36t0hjav8mtbrgksmzg77vjx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 617175475dd7762c2557066f330446636c982b371b142462cf7b4cd7c395f79a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270766
cf-polished: qual=85, origFmt=jpeg, origSize=11698
alt-svc: h3=":443"; ma=86400
content-length: 10082
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Nov 2023 16:39:26 GMT
server: cloudflare
etag: "bf7d8cf3c1179b8166a2b621809cce6b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Qki%2FVlJ95k8KRGYDg6Vy8kXL7uDuxHEr4mhWlizB%2FpLsmCCSWuDU%2BkeB1oI2%2FX9lsWbGBEk3I3Uf2yIKD3XsNhaduRqeOVD9%2BW6un3kQ9DOnmDK1KheqpfmJmEmnnmt%2FAa70UwPVt5ft9Yb"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84286cf80d9e9b1f-FRA

GET
H3 200 D0B9541CF4E773D41DBC4ABCC9F6E672B34430F49375E17E41F087E6D1C801229BC513C607F51A81B070BEEF036EED35D1C1A6EBC0C47606BF42647C16A34FCE
assets.ad4m.at/product_image/ Frame A001 14 KB
14 KB 51ms
50ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/D0B9541CF4E773D41DBC4ABCC9F6E672B34430F49375E17E41F087E6D1C801229BC513C607F51A81B070BEEF036EED35D1C1A6EBC0C47606BF42647C16A34FCE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=c5fa743b39a02594cbcc60731a801ec0%2F8878562932021235608&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695597&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kt46gd71yv7k4t1g4sxj9t8dv7gwtvyefckaynd2051dkevz8bq76jty6j2gb963tj8gtgpvp4e4yeymvsn0adg9zjgs32df1vs3ke6h03twbvtphyc9e7wg8xa9cb0hbvnt98adwvttb2b4azj0wb0968qfh66g98ct1qpcvm0sjm7rada544hegpvye66s0hydvmnnmfxfwz2q8t5p4n1y6cnv5r6m8ys59243mwjywy9arksdd0e0fsd7r3h36t0hjav8mtbrgksmzg77vjx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a9e1eedba53e281f772796dd83eb2280b1a1c1c1c9ebd114d5bb7499fde7bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3344111
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 14254
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 09:11:52 GMT
server: cloudflare
etag: "5354ec8a9e72c8f64868101f5dd44ece"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkB2TRG1jdpk3zlorOp8VzDqTbIxM4vehVkJ8DclTS8FJ1BxzdEf2ibh8k6iEzrrtDSSdoJlv7xyLU6PIwSxhMU1dQCnFR%2Bs2MuGVz2WXBYYZfSIQ2nXLOVk5Rr%2Be%2Bmmo3z%2B4hfVh%2BsX9oAf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84286cf80d9f9b1f-FRA

GET
H3 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame A001 4 KB
5 KB 59ms
58ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=c5fa743b39a02594cbcc60731a801ec0%2F8878562932021235608&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695597&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kt46gd71yv7k4t1g4sxj9t8dv7gwtvyefckaynd2051dkevz8bq76jty6j2gb963tj8gtgpvp4e4yeymvsn0adg9zjgs32df1vs3ke6h03twbvtphyc9e7wg8xa9cb0hbvnt98adwvttb2b4azj0wb0968qfh66g98ct1qpcvm0sjm7rada544hegpvye66s0hydvmnnmfxfwz2q8t5p4n1y6cnv5r6m8ys59243mwjywy9arksdd0e0fsd7r3h36t0hjav8mtbrgksmzg77vjx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 271355
cf-polished: qual=85, origFmt=jpeg, origSize=7258
alt-svc: h3=":443"; ma=86400
content-length: 4294
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 09:56:16 GMT
server: cloudflare
etag: "679602b08629bcaaabfcfad4e68fe53a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56GRSgqWrjLs37%2FWLeIqwziivCemazufIPTnLg%2Fr7ptr%2BWOGK632s76vZDB3rBZKpnJ15AuoeuVCBCupnP%2FoOW2Ogi9zhFWIej2r5cGrZdYomMQSQfsEQbbmUr3e6RIVpitDQWVkVT%2F6KdCB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84286cf80da09b1f-FRA

GET
H3 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame A001 15 KB
16 KB 60ms
59ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=c5fa743b39a02594cbcc60731a801ec0%2F8878562932021235608&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695597&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kt46gd71yv7k4t1g4sxj9t8dv7gwtvyefckaynd2051dkevz8bq76jty6j2gb963tj8gtgpvp4e4yeymvsn0adg9zjgs32df1vs3ke6h03twbvtphyc9e7wg8xa9cb0hbvnt98adwvttb2b4azj0wb0968qfh66g98ct1qpcvm0sjm7rada544hegpvye66s0hydvmnnmfxfwz2q8t5p4n1y6cnv5r6m8ys59243mwjywy9arksdd0e0fsd7r3h36t0hjav8mtbrgksmzg77vjx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3449297
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 15521
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:09:52 GMT
server: cloudflare
etag: "269bd58060bc660c3aec98b388bae571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUYs3cWnDG%2BoCb02tW0hdnXFRGFNaz%2FA8VMOGEfXSjd8TfZK3yIwp3yw0gh6hgeoz9tdQwJAMF%2Fan9%2BioRr1u30XnOU3aHuuQPrDhOVHqN%2Frn9yPg5Pfghr%2F9DUmWkefLGdtrc%2FFQmaa0CXE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84286cf80da39b1f-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame A001 43 B
704 B 46ms
45ms Image
image/gif 23.199.221.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=c5fa743b39a02594cbcc60731a801ec0%2F8878562932021235608&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695597&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kt46gd71yv7k4t1g4sxj9t8dv7gwtvyefckaynd2051dkevz8bq76jty6j2gb963tj8gtgpvp4e4yeymvsn0adg9zjgs32df1vs3ke6h03twbvtphyc9e7wg8xa9cb0hbvnt98adwvttb2b4azj0wb0968qfh66g98ct1qpcvm0sjm7rada544hegpvye66s0hydvmnnmfxfwz2q8t5p4n1y6cnv5r6m8ys59243mwjywy9arksdd0e0fsd7r3h36t0hjav8mtbrgksmzg77vjx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.199.221.167 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-221-167.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 00:04:55 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
assets.ad4m.at/logo/ Frame A001 8 KB
8 KB 72ms
71ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=c5fa743b39a02594cbcc60731a801ec0%2F8878562932021235608&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695597&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kt46gd71yv7k4t1g4sxj9t8dv7gwtvyefckaynd2051dkevz8bq76jty6j2gb963tj8gtgpvp4e4yeymvsn0adg9zjgs32df1vs3ke6h03twbvtphyc9e7wg8xa9cb0hbvnt98adwvttb2b4azj0wb0968qfh66g98ct1qpcvm0sjm7rada544hegpvye66s0hydvmnnmfxfwz2q8t5p4n1y6cnv5r6m8ys59243mwjywy9arksdd0e0fsd7r3h36t0hjav8mtbrgksmzg77vjx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 280404
cf-polished: qual=85, origFmt=jpeg, origSize=10446
alt-svc: h3=":443"; ma=86400
content-length: 7728
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Nov 2023 16:41:23 GMT
server: cloudflare
etag: "bddcb815cd8abad672404f9cdec6f97c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9g7i1X1wpwXzTPAf%2BPDgv6%2FkLzX3%2B1xY2HwvjBUTGjpNdgXhBcAOY5vJ4039ZWZbsCZiMkR0XDD5j51mFGR1GYpTgIgUWcek26fu1vf0g3vK%2FMYqqwRwvmOa9U0WbmgbaARkvBB4e7s2Mxj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84286cf80da49b1f-FRA

GET
H3 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame A001 11 KB
12 KB 87ms
86ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=c5fa743b39a02594cbcc60731a801ec0%2F8878562932021235608&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695597&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kt46gd71yv7k4t1g4sxj9t8dv7gwtvyefckaynd2051dkevz8bq76jty6j2gb963tj8gtgpvp4e4yeymvsn0adg9zjgs32df1vs3ke6h03twbvtphyc9e7wg8xa9cb0hbvnt98adwvttb2b4azj0wb0968qfh66g98ct1qpcvm0sjm7rada544hegpvye66s0hydvmnnmfxfwz2q8t5p4n1y6cnv5r6m8ys59243mwjywy9arksdd0e0fsd7r3h36t0hjav8mtbrgksmzg77vjx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11937
cf-polished: qual=85, origFmt=jpeg, origSize=13532
alt-svc: h3=":443"; ma=86400
content-length: 11268
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 22:13:51 GMT
server: cloudflare
etag: "d9fd29c7a268fd485230a60f0d2e0192"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQ7cNEyPzpBO2n6WI%2FScTk2CP9v%2F%2FE4i71A9lK7tZ8Ktge1oNFi9JXhN6Fnp%2BdmbIwpNvLOg%2BHkEDctUfMFmQmDFYENpBHp%2FcKCsR2f1swzFmW4m6LGDPEmF4XG07KxRZrMmXCKijmIDln16"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84286cf80da59b1f-FRA

GET
BLOB 200
OK 14dd89dd-380f-4c87-bab4-e5f6b943c752
https://www.melhoresdestinos.com.br/ 241 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.melhoresdestinos.com.br/14dd89dd-380f-4c87-bab4-e5f6b943c752
Requested by: Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bb2a9b0b57103bb573bb91e43ef305d3b9fe7bf80a61adf26234f17bc32c5f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 241
Content-Type: text/javascript

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 19D0 3 KB
3 KB 42ms
41ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=537178&b=dk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=KXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=300&d=50&e=&g=2e75643854e1e629df1242c45af7d972%2F18026590647324241718&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695708&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knb2z6rx3b5fpp5133929qty82ywnfz7sbj2em3nyh5qfnzhk1yyjzjjp4hks5exrb96c4ymzstysnfphrzb54q97znwch4n5rn300ffxb6zk7mxygrrb0bgtke7mrkhcp31nf2knfx1mwkq8q7jwmzda9savdx1evd7ag94w8cay585pz3dxp4vtgjqypjg7nbbjg6gnkntbxhftwxh6p4npns7q7j4pt92t0qrseww8c75t3czy43p8mda9r90jtc5qx10ej2mj4stf0c1zx2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKlsXpo2cZb6MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0JrNHWABItPN-wmKp0sjgVs4Y2iFXwya43DSK2NwRFJj70TllDapgqsRTQfUM0Oc6m4AeKCC783S-GHblV_71SwqYjlQ00ATw6wmwqMAS0TSgcy0pD98-cn80OBe22mcuMcJSRO5y3RZ6IhDobLsoBs5-_cdlZMfLJLzymzWdRbI5oR0DUh3AIaSI1n4kiTn8sRj05DBeqt_4T9xGmWVZJsLUewZhletNrcQ8W2cGhPDlLtpdlGld6NRgKQZfxghlxNyriqZqW4lRhAPOWsj8-I3PNqj4xMbVDlvxa4aGMmT5D_4AXTSUI6gUQqjdP_ULGUpr0ynsVzZaxCauY6RVqK8nKJYkC6USJmAUL1EOBv0KK17EaAbTJhRC2CczTY-dAWTUVJQL43_hGd4bmBJY_4HGByXx24lYdzMSuACtF2q4AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3eedg4HPgwMVKDpVCB3cgwB50BUBgBcB%2526num%253D1%2526sig%253DAOD64_2FGGt69vZhY-aSs-IfNwungNBNSQ%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9e1acfa4849788483f1c004dbb01378a5a163076dc0d9ce939528b14e010006

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hzj67jjy60wdxe6x67422ngjs726rg8m6gnwa0g5t442tmvgn9nz8556hznc0s2k8bvyg8ncc3bh7nt9ykcbze9023qtvtxj9e060q5gdhkv8aa3198em8cbxnsgv4j0n31p582daa2tytteh490gd96ezgmfbmes4xa0t7qkrhrkfwrc9t6p80z19dkcxp8d60h9kdssk0ngg3zw8hztmh7k0zcvhaz768bd17e1jexvx3sdv54q18g6ec87fzd9cdd182tb642s59868633bm8wqaj1cksa969gfgg3jm20qhhf7bweja4497v3vvc3egjmvmxtvfmcsdmdf3fj2swz64tkz88pnhexr4n44bfr4s4b0e60kvwcp0jhqbdw86ey6jp29b0atbyyh8q107wm2apm7p0b0cgqebmeher6tsvzgjsb7yfkan1n7yqkw9qxve&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKlsXpo2cZb6MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0JrNHWABItPN-wmKp0sjgVs4Y2iFXwya43DSK2NwRFJj70TllDapgqsRTQfUM0Oc6m4AeKCC783S-GHblV_71SwqYjlQ00ATw6wmwqMAS0TSgcy0pD98-cn80OBe22mcuMcJSRO5y3RZ6IhDobLsoBs5-_cdlZMfLJLzymzWdRbI5oR0DUh3AIaSI1n4kiTn8sRj05DBeqt_4T9xGmWVZJsLUewZhletNrcQ8W2cGhPDlLtpdlGld6NRgKQZfxghlxNyriqZqW4lRhAPOWsj8-I3PNqj4xMbVDlvxa4aGMmT5D_4AXTSUI6gUQqjdP_ULGUpr0ynsVzZaxCauY6RVqK8nKJYkC6USJmAUL1EOBv0KK17EaAbTJhRC2CczTY-dAWTUVJQL43_hGd4bmBJY_4HGByXx24lYdzMSuACtF2q4AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3eedg4HPgwMVKDpVCB3cgwB50BUBgBcB%26num%3D1%26sig%3DAOD64_2FGGt69vZhY-aSs-IfNwungNBNSQ%26client%3Dca-pub-6120805917655100%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84286cf85dbd9b1f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 00:04:55 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 429 link.html
track.webgains.com/ Frame A001 0
0 149ms
54ms Script
text/html 13.40.252.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3118461&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hk50bmtbwfkje3hetbmtg16h0adnmw9gbkmt63bbzf7p2ja6ckf6ed2q7hxgrbk0027kn0z6f03hvhtj8p3ey50c4hk3twwr1z4qsa5gz3z829v9w1py25vm81br0he3vazn0553nwczbfm1mwpsxn8a0bfdmrb7pnwf8f3en42g5ftc4gzqwb42774w0ay5q8b88mpznqv0h00jj4jxt8xj4aez2x156vy6cf1110kamdghys7v9y4jbfa8mktem%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kt46gd71yv7k4t1g4sxj9t8dv7gwtvyefckaynd2051dkevz8bq76jty6j2gb963tj8gtgpvp4e4yeymvsn0adg9zjgs32df1vs3ke6h03twbvtphyc9e7wg8xa9cb0hbvnt98adwvttb2b4azj0wb0968qfh66g98ct1qpcvm0sjm7rada544hegpvye66s0hydvmnnmfxfwz2q8t5p4n1y6cnv5r6m8ys59243mwjywy9arksdd0e0fsd7r3h36t0hjav8mtbrgksmzg77vjx%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%252526client%25253Dca-pub-6120805917655100%252526adurl%25253D&clickref=oneidEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdPoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBWoneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=c5fa743b39a02594cbcc60731a801ec0%2F8878562932021235608&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695597&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kt46gd71yv7k4t1g4sxj9t8dv7gwtvyefckaynd2051dkevz8bq76jty6j2gb963tj8gtgpvp4e4yeymvsn0adg9zjgs32df1vs3ke6h03twbvtphyc9e7wg8xa9cb0hbvnt98adwvttb2b4azj0wb0968qfh66g98ct1qpcvm0sjm7rada544hegpvye66s0hydvmnnmfxfwz2q8t5p4n1y6cnv5r6m8ys59243mwjywy9arksdd0e0fsd7r3h36t0hjav8mtbrgksmzg77vjx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.40.252.97 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-40-252-97.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H2 200 link.html Show response
track.webgains.com/ Frame A001 2 KB
2 KB 182ms
87ms Script
text/html 13.40.252.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j411y9tk6a1c1ksvq6r4ven8e4pg5d06wwkeywekfk7cyjs9n7pxn10ftd7vkdj0b13e4fakbypa95mkzp31zfz4egbj6966ytjpg4dvja2vp1wg0jh8a1j7wrqwamb80fmp39chxkstv4g6q4sgfywhd5zg3z4a3xqtf7xbtsn1ffm1nqk24kkw67e1kcnrkesbn5x8q634ytkrs2a8pd0kc01vwvbdh5fd4etqgt2p3cktffzhbka9e89672347hg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kt46gd71yv7k4t1g4sxj9t8dv7gwtvyefckaynd2051dkevz8bq76jty6j2gb963tj8gtgpvp4e4yeymvsn0adg9zjgs32df1vs3ke6h03twbvtphyc9e7wg8xa9cb0hbvnt98adwvttb2b4azj0wb0968qfh66g98ct1qpcvm0sjm7rada544hegpvye66s0hydvmnnmfxfwz2q8t5p4n1y6cnv5r6m8ys59243mwjywy9arksdd0e0fsd7r3h36t0hjav8mtbrgksmzg77vjx%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%252526client%25253Dca-pub-6120805917655100%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=c5fa743b39a02594cbcc60731a801ec0%2F8878562932021235608&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695597&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kt46gd71yv7k4t1g4sxj9t8dv7gwtvyefckaynd2051dkevz8bq76jty6j2gb963tj8gtgpvp4e4yeymvsn0adg9zjgs32df1vs3ke6h03twbvtphyc9e7wg8xa9cb0hbvnt98adwvttb2b4azj0wb0968qfh66g98ct1qpcvm0sjm7rada544hegpvye66s0hydvmnnmfxfwz2q8t5p4n1y6cnv5r6m8ys59243mwjywy9arksdd0e0fsd7r3h36t0hjav8mtbrgksmzg77vjx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.40.252.97 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-40-252-97.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 823e092e7558a171e4799ef9e8aa1d42a523a581d8cfa246c5d611cfc188cb85

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
last-modified: Tue, 09 Jan 2024 00:04:55 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 09 Jan 2024 00:05:55 GMT

GET
H2 200 1f499.svg
s.w.org/images/core/emoji/14.0.0/svg/ 368 B
679 B 78ms
25ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f499.svg

Requested by

Host: www.melhoresdestinos.com.br
URL: https://www.melhoresdestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

44cb18486c627b7e38f3d6fd9bb5c3609ef8193d66046933230ec104420bf314

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 09 Jan 2024 00:04:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 368
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 19D0 115 KB
14 KB 36ms
36ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178&b=dk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=KXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=300&d=50&e=&g=2e75643854e1e629df1242c45af7d972%2F18026590647324241718&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695708&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knb2z6rx3b5fpp5133929qty82ywnfz7sbj2em3nyh5qfnzhk1yyjzjjp4hks5exrb96c4ymzstysnfphrzb54q97znwch4n5rn300ffxb6zk7mxygrrb0bgtke7mrkhcp31nf2knfx1mwkq8q7jwmzda9savdx1evd7ag94w8cay585pz3dxp4vtgjqypjg7nbbjg6gnkntbxhftwxh6p4npns7q7j4pt92t0qrseww8c75t3czy43p8mda9r90jtc5qx10ej2mj4stf0c1zx2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKlsXpo2cZb6MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0JrNHWABItPN-wmKp0sjgVs4Y2iFXwya43DSK2NwRFJj70TllDapgqsRTQfUM0Oc6m4AeKCC783S-GHblV_71SwqYjlQ00ATw6wmwqMAS0TSgcy0pD98-cn80OBe22mcuMcJSRO5y3RZ6IhDobLsoBs5-_cdlZMfLJLzymzWdRbI5oR0DUh3AIaSI1n4kiTn8sRj05DBeqt_4T9xGmWVZJsLUewZhletNrcQ8W2cGhPDlLtpdlGld6NRgKQZfxghlxNyriqZqW4lRhAPOWsj8-I3PNqj4xMbVDlvxa4aGMmT5D_4AXTSUI6gUQqjdP_ULGUpr0ynsVzZaxCauY6RVqK8nKJYkC6USJmAUL1EOBv0KK17EaAbTJhRC2CczTY-dAWTUVJQL43_hGd4bmBJY_4HGByXx24lYdzMSuACtF2q4AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3eedg4HPgwMVKDpVCB3cgwB50BUBgBcB%2526num%253D1%2526sig%253DAOD64_2FGGt69vZhY-aSs-IfNwungNBNSQ%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=537178&b=dk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=KXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=300&d=50&e=&g=2e75643854e1e629df1242c45af7d972%2F18026590647324241718&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695708&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knb2z6rx3b5fpp5133929qty82ywnfz7sbj2em3nyh5qfnzhk1yyjzjjp4hks5exrb96c4ymzstysnfphrzb54q97znwch4n5rn300ffxb6zk7mxygrrb0bgtke7mrkhcp31nf2knfx1mwkq8q7jwmzda9savdx1evd7ag94w8cay585pz3dxp4vtgjqypjg7nbbjg6gnkntbxhftwxh6p4npns7q7j4pt92t0qrseww8c75t3czy43p8mda9r90jtc5qx10ej2mj4stf0c1zx2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKlsXpo2cZb6MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0JrNHWABItPN-wmKp0sjgVs4Y2iFXwya43DSK2NwRFJj70TllDapgqsRTQfUM0Oc6m4AeKCC783S-GHblV_71SwqYjlQ00ATw6wmwqMAS0TSgcy0pD98-cn80OBe22mcuMcJSRO5y3RZ6IhDobLsoBs5-_cdlZMfLJLzymzWdRbI5oR0DUh3AIaSI1n4kiTn8sRj05DBeqt_4T9xGmWVZJsLUewZhletNrcQ8W2cGhPDlLtpdlGld6NRgKQZfxghlxNyriqZqW4lRhAPOWsj8-I3PNqj4xMbVDlvxa4aGMmT5D_4AXTSUI6gUQqjdP_ULGUpr0ynsVzZaxCauY6RVqK8nKJYkC6USJmAUL1EOBv0KK17EaAbTJhRC2CczTY-dAWTUVJQL43_hGd4bmBJY_4HGByXx24lYdzMSuACtF2q4AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3eedg4HPgwMVKDpVCB3cgwB50BUBgBcB%2526num%253D1%2526sig%253DAOD64_2FGGt69vZhY-aSs-IfNwungNBNSQ%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2326514
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3tA8cD2E02D%2FQiVqZ%2FHo%2BBY5GzPa%2FKz6sXAU5pDtL9xGzLfYyajLAr5aQQq1bqhEY4NK2eYDnE7t%2BmO0pbzeEhvrVGE3YDAZqJnNEuMzPt2GEZtSRG7%2FDKTWRa%2FaoYV8vrhKvr2c4A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 84286cf8adcf9b1f-FRA
expires: Wed, 10 Jan 2024 00:04:55 GMT

GET
H3 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 19D0 7 KB
7 KB 49ms
49ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178&b=dk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=KXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=300&d=50&e=&g=2e75643854e1e629df1242c45af7d972%2F18026590647324241718&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695708&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knb2z6rx3b5fpp5133929qty82ywnfz7sbj2em3nyh5qfnzhk1yyjzjjp4hks5exrb96c4ymzstysnfphrzb54q97znwch4n5rn300ffxb6zk7mxygrrb0bgtke7mrkhcp31nf2knfx1mwkq8q7jwmzda9savdx1evd7ag94w8cay585pz3dxp4vtgjqypjg7nbbjg6gnkntbxhftwxh6p4npns7q7j4pt92t0qrseww8c75t3czy43p8mda9r90jtc5qx10ej2mj4stf0c1zx2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKlsXpo2cZb6MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0JrNHWABItPN-wmKp0sjgVs4Y2iFXwya43DSK2NwRFJj70TllDapgqsRTQfUM0Oc6m4AeKCC783S-GHblV_71SwqYjlQ00ATw6wmwqMAS0TSgcy0pD98-cn80OBe22mcuMcJSRO5y3RZ6IhDobLsoBs5-_cdlZMfLJLzymzWdRbI5oR0DUh3AIaSI1n4kiTn8sRj05DBeqt_4T9xGmWVZJsLUewZhletNrcQ8W2cGhPDlLtpdlGld6NRgKQZfxghlxNyriqZqW4lRhAPOWsj8-I3PNqj4xMbVDlvxa4aGMmT5D_4AXTSUI6gUQqjdP_ULGUpr0ynsVzZaxCauY6RVqK8nKJYkC6USJmAUL1EOBv0KK17EaAbTJhRC2CczTY-dAWTUVJQL43_hGd4bmBJY_4HGByXx24lYdzMSuACtF2q4AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3eedg4HPgwMVKDpVCB3cgwB50BUBgBcB%2526num%253D1%2526sig%253DAOD64_2FGGt69vZhY-aSs-IfNwungNBNSQ%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 271936
cf-polished: qual=85, origFmt=jpeg, origSize=8714
alt-svc: h3=":443"; ma=86400
content-length: 6672
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 08:50:26 GMT
server: cloudflare
etag: "52953af169f970e1ac17ba40d8c26548"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khuygRypdqA1KQ%2BN4rJb0neQmJtLXnFSyjEeSAq60ZONGZ%2F20Xe6ErkMwv5nEtKp0lmXYgVJ9GBb0gM0GskQm6QN41OZGSLnZ6bSnifTynXG2mTvvdZh%2BjpoUwKiYFqDruk1GrHoH1TaF0kF"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84286cf8bdd99b1f-FRA

GET
H3 200 E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
assets.ad4m.at/ Frame 19D0 25 KB
25 KB 33ms
33ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178&b=dk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=KXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=300&d=50&e=&g=2e75643854e1e629df1242c45af7d972%2F18026590647324241718&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695708&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knb2z6rx3b5fpp5133929qty82ywnfz7sbj2em3nyh5qfnzhk1yyjzjjp4hks5exrb96c4ymzstysnfphrzb54q97znwch4n5rn300ffxb6zk7mxygrrb0bgtke7mrkhcp31nf2knfx1mwkq8q7jwmzda9savdx1evd7ag94w8cay585pz3dxp4vtgjqypjg7nbbjg6gnkntbxhftwxh6p4npns7q7j4pt92t0qrseww8c75t3czy43p8mda9r90jtc5qx10ej2mj4stf0c1zx2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKlsXpo2cZb6MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0JrNHWABItPN-wmKp0sjgVs4Y2iFXwya43DSK2NwRFJj70TllDapgqsRTQfUM0Oc6m4AeKCC783S-GHblV_71SwqYjlQ00ATw6wmwqMAS0TSgcy0pD98-cn80OBe22mcuMcJSRO5y3RZ6IhDobLsoBs5-_cdlZMfLJLzymzWdRbI5oR0DUh3AIaSI1n4kiTn8sRj05DBeqt_4T9xGmWVZJsLUewZhletNrcQ8W2cGhPDlLtpdlGld6NRgKQZfxghlxNyriqZqW4lRhAPOWsj8-I3PNqj4xMbVDlvxa4aGMmT5D_4AXTSUI6gUQqjdP_ULGUpr0ynsVzZaxCauY6RVqK8nKJYkC6USJmAUL1EOBv0KK17EaAbTJhRC2CczTY-dAWTUVJQL43_hGd4bmBJY_4HGByXx24lYdzMSuACtF2q4AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3eedg4HPgwMVKDpVCB3cgwB50BUBgBcB%2526num%253D1%2526sig%253DAOD64_2FGGt69vZhY-aSs-IfNwungNBNSQ%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2907638
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 25413
cf-bgj: imgq:85,h2pri
last-modified: Wed, 06 Dec 2023 08:24:17 GMT
server: cloudflare
etag: "7e811696e8763f5dce86bbb648013620"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ge75Q9fp1kN8whOgsZL9194%2BdRqmXppMcnyuH6SiZISZvRRSghk7u1UNYzlmYZvNWT%2BZ9ME3%2F9OLnev1zDzGR4mtJ4AiZ78JlvoTNLMu92ZMHzew1ISeiSImF1tUs6ggakb82z1HxfjMXumN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84286cf8bddb9b1f-FRA

GET
H2

200

ztpv.php
www.conrad.de/ Frame 19D0
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneiddk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPWoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1704758695_b86c9790-ae82-11ee-8694-226555b1c0ac&insert=AW&&gdpr=0&gdpr_consent=

0
494 B

102ms
36ms

Image
text/html

2606:4700::6813:afbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1704758695_b86c9790-ae82-11ee-8694-226555b1c0ac&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178&b=dk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=KXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=300&d=50&e=&g=2e75643854e1e629df1242c45af7d972%2F18026590647324241718&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695708&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knb2z6rx3b5fpp5133929qty82ywnfz7sbj2em3nyh5qfnzhk1yyjzjjp4hks5exrb96c4ymzstysnfphrzb54q97znwch4n5rn300ffxb6zk7mxygrrb0bgtke7mrkhcp31nf2knfx1mwkq8q7jwmzda9savdx1evd7ag94w8cay585pz3dxp4vtgjqypjg7nbbjg6gnkntbxhftwxh6p4npns7q7j4pt92t0qrseww8c75t3czy43p8mda9r90jtc5qx10ej2mj4stf0c1zx2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKlsXpo2cZb6MFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwgJP0JrNHWABItPN-wmKp0sjgVs4Y2iFXwya43DSK2NwRFJj70TllDapgqsRTQfUM0Oc6m4AeKCC783S-GHblV_71SwqYjlQ00ATw6wmwqMAS0TSgcy0pD98-cn80OBe22mcuMcJSRO5y3RZ6IhDobLsoBs5-_cdlZMfLJLzymzWdRbI5oR0DUh3AIaSI1n4kiTn8sRj05DBeqt_4T9xGmWVZJsLUewZhletNrcQ8W2cGhPDlLtpdlGld6NRgKQZfxghlxNyriqZqW4lRhAPOWsj8-I3PNqj4xMbVDlvxa4aGMmT5D_4AXTSUI6gUQqjdP_ULGUpr0ynsVzZaxCauY6RVqK8nKJYkC6USJmAUL1EOBv0KK17EaAbTJhRC2CczTY-dAWTUVJQL43_hGd4bmBJY_4HGByXx24lYdzMSuACtF2q4AQBgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLGvnYOBz4MD-gsCCAGADAHiDRMI3eedg4HPgwMVKDpVCB3cgwB50BUBgBcB%2526num%253D1%2526sig%253DAOD64_2FGGt69vZhY-aSs-IfNwungNBNSQ%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6813:afbe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:55 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 84286cf988356949-FRA
content-length: 0
expires: -1

Redirect headers

Date: Tue, 09 Jan 2024 00:04:55 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1704758695_b86c9790-ae82-11ee-8694-226555b1c0ac&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame A001 54 KB
19 KB 117ms
28ms Script
application/javascript 108.157.4.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j411y9tk6a1c1ksvq6r4ven8e4pg5d06wwkeywekfk7cyjs9n7pxn10ftd7vkdj0b13e4fakbypa95mkzp31zfz4egbj6966ytjpg4dvja2vp1wg0jh8a1j7wrqwamb80fmp39chxkstv4g6q4sgfywhd5zg3z4a3xqtf7xbtsn1ffm1nqk24kkw67e1kcnrkesbn5x8q634ytkrs2a8pd0kc01vwvbdh5fd4etqgt2p3cktffzhbka9e89672347hg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kt46gd71yv7k4t1g4sxj9t8dv7gwtvyefckaynd2051dkevz8bq76jty6j2gb963tj8gtgpvp4e4yeymvsn0adg9zjgs32df1vs3ke6h03twbvtphyc9e7wg8xa9cb0hbvnt98adwvttb2b4azj0wb0968qfh66g98ct1qpcvm0sjm7rada544hegpvye66s0hydvmnnmfxfwz2q8t5p4n1y6cnv5r6m8ys59243mwjywy9arksdd0e0fsd7r3h36t0hjav8mtbrgksmzg77vjx%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%252526client%25253Dca-pub-6120805917655100%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-70.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ad467d0d2ceeb88d150d04d88dab155ead3a4e12dd80982ef45ed605842b552

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 06:33:50 GMT
content-encoding: gzip
via: 1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront)
last-modified: Fri, 05 Jan 2024 10:01:16 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 63067
x-amz-server-side-encryption: AES256
etag: W/"624072fcf9e7c9c12da505b4794801fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: RAfB9s_m7M3XPrkVoOnC83KON11EusqLJPHL8f85q7SSB3r7AZSMkQ==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame A001 15 KB
15 KB 92ms
28ms Image
image/png 18.154.63.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1704758995&Signature=o4JHEloo3BspDxBnwaMEdCDqp-8Z~wySZeKbO-A4WDpCW4uChlQtvKWsRFMj8za9LR300ISjn9CyL~ojz8EsNW6fCzk0xiYXAAD3oS2IiNNIGtBLhoVx4ZF7qxxmEIj7WHW~l2j4QjWHNRMDxC5r1QzConC-oFGOHroBHTWcOM-agZzPTbPmBRw6V8JHIsN51MHcVrqk3oZ2K~8qeSen6x0OtLsZIkpqMqpV1jIboBGHJsarn5O1IusYbKh0iJlT3osWGsTvjyTFOTgTqvd8kbxorw1RRsrO0dNgKmy2WkzzSnSmzABLmgOfKwXly3IcR6Cl~OhaucUy~IZVnNTLAA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=c5fa743b39a02594cbcc60731a801ec0%2F8878562932021235608&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1704758695597&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kt46gd71yv7k4t1g4sxj9t8dv7gwtvyefckaynd2051dkevz8bq76jty6j2gb963tj8gtgpvp4e4yeymvsn0adg9zjgs32df1vs3ke6h03twbvtphyc9e7wg8xa9cb0hbvnt98adwvttb2b4azj0wb0968qfh66g98ct1qpcvm0sjm7rada544hegpvye66s0hydvmnnmfxfwz2q8t5p4n1y6cnv5r6m8ys59243mwjywy9arksdd0e0fsd7r3h36t0hjav8mtbrgksmzg77vjx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%2526client%253Dca-pub-6120805917655100%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-65.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 08 Jan 2024 08:06:07 GMT
via: 1.1 ea3d06e94081b5e61e2cf220951142d0.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
age: 70266
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: c_T_eH7fle_jZ3SoP7-P1LnPBtc3vPk4WRoR52GutLKAMvazGhrboQ==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 80ms
59ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ad4c17d0bd42984c54bc81a472770359a0e7719ae9b6db0a7aa92155a66bd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12296
x-xss-protection: 0

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame A001 16 B
209 B 77ms
76ms Fetch
application/json 3.9.60.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.9.60.26 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-9-60-26.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 09 Jan 2024 00:04:57 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 180ms
39ms Preflight 3.9.60.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.60.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-60-26.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Tue, 09 Jan 2024 00:04:56 GMT
server: nginx

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Jan 2024 00:04:56 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2696 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.melhoresdestinos.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 22:20:02 GMT
expires: Tue, 07 Jan 2025 22:20:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9E3E 829 B
560 B 33ms
32ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

34fe85d9d8b594ccc87bf566b188442fd7261fa3798ef5f2432a7aaeff16ed2a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NecyDmHX6oJLbPbhlMwDZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.melhoresdestinos.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-NecyDmHX6oJLbPbhlMwDZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 00:04:56 GMT
expires: Tue, 09 Jan 2024 00:04:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 2696 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 19:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 19:52:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9E3E 0
0 56ms
56ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401020101&jk=3553409751408144&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2696 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uWexxw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:04:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
55ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401020101&jk=3553409751408144&bg=!qKulq-TNAAaumcC-jpk7ADQBe5WfOIlsvW2uiwEsFBXE7b8GECDcs8TVUrGUU0vEKTUJBRNPDlaCW3Z-b0WmF_7CN4_TAgAAADNSAAAAAmgBBwoAvffk4giDDkuKTDxB-AY_03We4oe-wF9MD0qR7rJCZS5uoiIv3AWSUAqCNGmMJcDwsyGJ6TK5lIjSOH5-wiY4f75f8Kt7JneOt66RmtrE4ePntJdMfjQfnMv-HN2XvQ6q5Wua9FbWnLd3f_w_Xf1qh-Yzd706cwAkCNKJpJSgmgYijgbgvCpMalFucn8Buzs1cpCIEmNr6y24UisWepbzHYOLG1WawhjUC7qf4SdvEx0eaQ5gITastTG-F_1jiZkCx1r4c2MwnXKtO2FluNT43aH1LB0wu8e-tqJIdMda0KgB9wzIBN21kEpwRzFodkmOr-5Sni_jvrUgHdGwMS4nmXAJePcSir51M09iZpM9P678IPSxiHv1GfAKCTHhig96S14FH_rrbW8oXZmzc3lEJ_Mqx2RJCrapzRAhrSV_nVHRYt78bm0RcJkTewL0uU3oOeg50x1pW8vqXGCaw16AsF-VjzesJMYMrbn9QbsuJMimjvgvp5SkLw-0syYc-MFvvJg488f4HIxhwHd32q_bnvv9UdhxVAITv6F2ag8uuui0w5xPdg98VbAP95wV_Y7eSpc9Yzn6RxEzAFl5Zu80zrRd61BHbeA7ehg0TSmFdbE0-UvpkSr32RppCE8ZSwvkHJmFR6uakN4y4LUAsG6ugAO04tva7TxV9TbltsLiXv_ffKNu-98jukhPLgQsbM07bUDI9PNu9Tulp1Ey3PL7UrZghXb0fWZYsJ-BstWCxkCbuhmhuXIYnJyUi2q8XBMdtYkDOF5yDkIfKC9o9CF1jSLYvA_u_YtHDJ15jRvq8_YSr-GcgHT-vY7Qq2E5QuMfMkYW7KEwNmv8hB4_1yySZX_rZH9Mwer6kEsRkrynDYTjGLrAh27QSVNmEhBJGaJO3JAFzOasFvs3yh7sNxCWt0BGd5bb2irD0dK6nYpVrmLZ1_A8SqDLoP4N6klj3hSfQP1lwBmR7F6VFCJCXR4u49GyZj2VnFt47x6aLRMb0qFnVZMBlJznZ69ysdKynzz-mzuOqNZoJ-T2hqu1a-9lt2YNNcns4TPBwQE1yYJzfVyPjRruliEQpEmJ6w6-FGbJDNfXFIBN0zp6EzhPhBhTVj4-brua855DN4-4jnnOf0FtEO7AoUvDu5DxESk6Z9eg6wJgOgpfQnjOu1YBk70gTelOkMVzyyHKEZis7v1CenIgDaJoTKqgnQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 css2
fonts.googleapis.com/ 23 KB
2 KB 22ms
22ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600%3B0%2C700&display=swap

Requested by

Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/4.1dae6b4d.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99bdc3030ab24bec7fc060cd879c6239fff557d3c3bc9e1d170e05f1b5e8e46b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jan 2024 00:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 00:05:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jan 2024 00:05:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 17ms
16ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600%3B0%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.melhoresdestinos.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:01:29 GMT
x-content-type-options: nosniff
age: 410611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 06:01:29 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 34ms
33ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600%3B0%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.melhoresdestinos.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:01:29 GMT
x-content-type-options: nosniff
age: 410611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 06:01:29 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 63ms
62ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600%3B0%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.melhoresdestinos.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:01:29 GMT
x-content-type-options: nosniff
age: 410611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 06:01:29 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 70ms
70ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600%3B0%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.melhoresdestinos.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:01:29 GMT
x-content-type-options: nosniff
age: 410611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 06:01:29 GMT

GET
H2 200 cb0a60e71bb3c778438b4cda988e3569-yesno.json Show response
a.omappapi.com/app/campaign-views/878e4756ab9c/rlrkk9crwkdbltpbisrj/ 31 KB
6 KB 63ms
19ms XHR
application/json 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/campaign-views/878e4756ab9c/rlrkk9crwkdbltpbisrj/cb0a60e71bb3c778438b4cda988e3569-yesno.json
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 79aef46dd26db1623d14b458567d910fbf231f433466f4895e82b818449e55cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:05:01 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-680
cdn-cachedat: 01/08/2024 14:08:07
cdn-pullzone: 293267
last-modified: Wed, 09 Aug 2023 17:06:59 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 588
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"64d3c7b3-7c12"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 8585fbb9a66696fbb3aff82491e9e2b4
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 9b124e3998e41626204047-grow-email-icon.png
a.omappapi.com/users/48de4f9d6140/images/ 3 KB
3 KB 16ms
16ms Image
image/webp 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.omappapi.com/users/48de4f9d6140/images/9b124e3998e41626204047-grow-email-icon.png?width=127
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: e0466ae1a6776d9fb9f0256a9d6813c1f10ab2eda313884c401f72fb03fce25d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:05:01 GMT
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-588
cdn-cachedat: 01/08/2024 14:08:07
cdn-pullzone: 293267
content-length: 2702
last-modified: Fri, 19 May 2023 21:17:59 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 382
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "6467e787-a8e"
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 7b72b1a32ec59c16f5c8dcd9cd21b4e7
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 9b124e3998e41626204047-grow-email-icon.png
a.omappapi.com/users/48de4f9d6140/images/ 3 KB
3 KB 10ms
10ms Image
image/webp 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.omappapi.com/users/48de4f9d6140/images/9b124e3998e41626204047-grow-email-icon.png?width=127
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/4.1dae6b4d.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: e0466ae1a6776d9fb9f0256a9d6813c1f10ab2eda313884c401f72fb03fce25d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.melhoresdestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:05:01 GMT
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-588
cdn-cachedat: 01/08/2024 14:08:07
cdn-pullzone: 293267
content-length: 2702
last-modified: Fri, 19 May 2023 21:17:59 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 382
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "6467e787-a8e"
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: cca9ab49fa430c916ab869a408c0775e
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET i
z.omappapi.com/v3/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: z.omappapi.com
URL: https://z.omappapi.com/v3/i?aid=24907&cid=rlrkk9crwkdbltpbisrj&sid=582061345ceb3&rt=false&dv=desktop&cty=popup&url=&v=5

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 18:15:50	Name: userId Value: 0eZ7rqYSEuTniVN6qElPRaLtxI8rzJlg
www.melhoresdestinos.com.br/	1970-01-20 17:42:43	Name: __goc_session__ Value: tdoqrisuhdrepjsdwnqcosjbherxcplu
.melhoresdestinos.com.br/	1970-01-20 19:42:14	Name: _gcl_au Value: 1.1.1643858780.1704758694
.melhoresdestinos.com.br/	1970-01-21 03:08:38	Name: _ga_D82YD414R1 Value: GS1.1.1704758694.1.0.1704758694.60.0.0
.melhoresdestinos.com.br/	1970-01-21 03:08:38	Name: _ga Value: GA1.1.1913333112.1704758694
.doubleclick.net/	1970-01-21 02:54:14	Name: IDE Value: AHWqTUlRHixrBtzx-eGmtUegQfYHdRLLC17ERZnweAMcXWzJu866i7kXhNOM_N4ZxHc
.melhoresdestinos.com.br/	1970-01-21 02:54:14	Name: __gads Value: ID=ecb968a085d7ec2c:T=1704758694:RT=1704758694:S=ALNI_MZ7IJCz4f_XWtLMALFFkE4szBjJhQ
.melhoresdestinos.com.br/	1970-01-21 02:54:14	Name: __gpi Value: UID=00000d3d982817f0:T=1704758694:RT=1704758694:S=ALNI_MYClkY8hJ_-WMurIyI6OK-Carh45Q
.3lift.com/	1970-01-20 19:42:14	Name: tluid Value: 3052389932564082064261
.blismedia.com/	1970-01-21 02:18:18	Name: b Value: 659C8DA7E0C6D0E0F3BF6569BLIS
.simpli.fi/	1970-01-21 02:19:41	Name: suid Value: F9D91BD4AC174CAB98BE824B1E6736E2
.turn.com/	1970-01-20 21:51:50	Name: uid Value: 8542940437808847841
.adfarm1.adition.com/	1970-01-20 19:42:14	Name: UserID1 Value: 7321882842606073998
.travelaudience.com/	1970-01-21 03:04:19	Name: _tracker Value: %7B%22UUID%22%3A%22C2CFAD88-DCF6-4F08-299A-6C8F970546A0%22%7D
.awin1.com/	1970-01-20 17:35:31	Name: awpv20044 Value: 412871\|1704758695\|b8316350-ae82-11ee-8694-226555b1c0ac
www.melhoresdestinos.com.br/	1970-01-21 03:08:38	Name: _omappvp Value: 5A0QbnFUKEC6HRjcsYCGLA37wfaLCQOB8Cem3TUxfFXA9P8waxkXEl7SQn7gkZ9OxC6Xn6KezBic7FQB5ssfcrHcbnMQwZJk
www.melhoresdestinos.com.br/	1970-01-20 17:32:39	Name: _omappvs Value: 1704758695455
.w55c.net/	1970-01-21 03:04:19	Name: wfivefivec Value: mDutvPm91RmZBZ5
.melhoresdestinos.com.br/	1969-12-31 23:59:59	Name: _ce.irv Value: new
.melhoresdestinos.com.br/	1969-12-31 23:59:59	Name: cebs Value: 1
.1rx.io/	1970-01-21 02:18:14	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-75528251-5580-4c5c-ad72-008d2bfc7d89-003%22%7D
.doubleclick.net/	1970-01-20 21:51:50	Name: APC Value: AfxxVi5QMz-9LQP7Ty9b_8eZQRqLP-4HaEzXBdo5B739XaG4u0oIGw
.yahoo.com/	1970-01-21 02:18:36	Name: A3 Value: d=AQABBKeNnGUCEBWi5Fmb5fwzMPUM1YhKY3IFEgEBAQHfnWWmZQAAAAAA_eMAAA&S=AQAAAqSNB5RTVBn4cFIfWTW5RO4
.w55c.net/	1970-01-20 18:15:50	Name: matchgoogle Value: 5
.awin1.com/	1970-01-20 17:42:43	Name: awpv11938 Value: 412871\|1704758695\|b83ed0d0-ae82-11ee-86b5-22356fe9f584
.melhoresdestinos.com.br/	1970-01-20 17:34:05	Name: _ce.clock_event Value: 1
.targeting.unrulymedia.com/	1970-01-21 02:18:14	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-75528251-5580-4c5c-ad72-008d2bfc7d89-003%22%7D
.congstar.de/	1970-01-20 17:42:47	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1704758695_b83ed0d0-ae82-11ee-86b5-22356fe9f584%22%2C%22sp%22%3A%22awin%22%7D
.melhoresdestinos.com.br/	1970-01-20 17:34:05	Name: _ce.clock_data Value: 24%2C81.95.5.40%2C1%2C746ded226cc656dc46dc973a01bf1b48
.melhoresdestinos.com.br/	1969-12-31 23:59:59	Name: cebsp_ Value: 1
.melhoresdestinos.com.br/	1970-01-21 02:18:14	Name: _ce.s Value: v~3150712bdab9b9d5eeea47a27c3866a2c22f0954~lcw~1704758695705~lva~1704758695467~vpv~0~v11.cs~276365~v11.s~b85b8090-ae82-11ee-8506-adb1b2a12669~lcw~1704758695706
.awin1.com/	1970-01-20 17:35:31	Name: awpv14702 Value: 412871\|1704758695\|b85ba7a1-ae82-11ee-86b5-22356fe9f584
.awin1.com/	1970-01-20 17:36:57	Name: awpv11354 Value: 412871\|1704758695\|b86c9790-ae82-11ee-8694-226555b1c0ac
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
www.conrad.de/	1970-01-20 17:36:57	Name: HTLP_timestamp Value: 1704758695934
www.conrad.de/	1970-01-20 17:36:57	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 17:32:40	Name: __cf_bm Value: BahrmUq6zq4SebteKYCraU3nnlSYMMXb2_wUuvky3BQ-1704758695-1-Ab3L0F/XMYxRGK5LWJVxqU8wgeN8OLvHOq9ciYcBlW9hFAeWD6bdcjqCu3o4+831HGxlaPeoiIX8YCwVqmq+Nus=

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network	error	URL: https://track.webgains.com/link.html?wglinkid=3118461&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hk50bmtbwfkje3hetbmtg16h0adnmw9gbkmt63bbzf7p2ja6ckf6ed2q7hxgrbk0027kn0z6f03hvhtj8p3ey50c4hk3twwr1z4qsa5gz3z829v9w1py25vm81br0he3vazn0553nwczbfm1mwpsxn8a0bfdmrb7pnwf8f3en42g5ftc4gzqwb42774w0ay5q8b88mpznqv0h00jj4jxt8xj4aez2x156vy6cf1110kamdghys7v9y4jbfa8mktem%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kt46gd71yv7k4t1g4sxj9t8dv7gwtvyefckaynd2051dkevz8bq76jty6j2gb963tj8gtgpvp4e4yeymvsn0adg9zjgs32df1vs3ke6h03twbvtphyc9e7wg8xa9cb0hbvnt98adwvttb2b4azj0wb0968qfh66g98ct1qpcvm0sjm7rada544hegpvye66s0hydvmnnmfxfwz2q8t5p4n1y6cnv5r6m8ys59243mwjywy9arksdd0e0fsd7r3h36t0hjav8mtbrgksmzg77vjx%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCyWjypo2cZbyMFqj01PIP3IeCyAeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTIwODA1OTE3NjU1MTAwyAEJqQKHoCQ3TGKyPuACAKgDAcgDAqoEwQJP0DO2FEWyVTMkjpPTxxOp0BrqvcosurZiN1JsFAA0JOtxAlbG7Ept6tsQydxRhH-Sdc6Xu5vd_vj-XEcr-wroylCTe3LwXD1NDECygw2P_EtIXbgeDXbQ90bedK29vf9v3DDbsdQ6EIydeXkoAx47DmwxIcEUWHH8_AOtk50Pybs93Ha32ilHw7fRswvVcvukxNxsGnvFWChZthho6SRsB-ab3mZYgLL18fWlHCtjsq_mU39ec-Ryqv-H3GQEjnP31WBJdXoKwMmOv-NibH8kefOKyWZzGKiw_sjXbTnNm0wEztKA_-kmjUYnvRQAlXlptqAr2TCk8t9_4sm8spkpzPhOTBaK8G3bT2YljEw8pLH6SuA80EXv2NZ2kbivD2fhOZDmrGSYnqDMnqH3jTIrMIoSyX6WMh8KFrDAEyW3jI3gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYsa-dg4HPgwP6CwIIAYAMAeINEwjb552Dgc-DAxUoOlUIHdyDAHnQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3K4XSIv_PnvURJgKjQ-rhqoh_Nnw%252526client%25253Dca-pub-6120805917655100%252526adurl%25253D&clickref=oneidEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdPoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBWoneid__suite_Netmix_Reach121_BESTPERFORMER Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5bfac1e78d50b6cac8dac9b8d2dd593c.safeframe.googlesyndication.com
a.omappapi.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.travelaudience.com
analytics.webgains.io
api.omappapi.com
api.webgains.io
as.ad4m.at
assets-tracking.crazyegg.com
assets.ad4m.at
banner.congstar.de
cdn.ampproject.org
cdn.track.production.webgains.team
cm.g.doubleclick.net
dis.criteo.com
dsp.adfarm1.adition.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
imgmd.net
in.getclicky.com
melhoresdestinos.disqus.com
onetag-sys.com
pagead2.googlesyndication.com
pagestates-tracking.crazyegg.com
passagensaereas.melhoresdestinos.com.br
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
r.turn.com
region1.analytics.google.com
s.ad.smaato.net
s.w.org
sb.scorecardresearch.com
script.crazyegg.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
static.getclicky.com
stats.g.doubleclick.net
sync.1rx.io
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
tracking.crazyegg.com
um.simpli.fi
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.melhoresdestinos.com.br
x.bidswitch.net
z.omappapi.com
z.omappapi.com
108.157.4.70
13.40.252.97
142.250.184.198
170.82.173.15
170.82.174.10
170.82.174.15
172.217.18.2
178.250.1.9
18.154.63.65
18.245.60.72
18.66.248.28
18.66.248.37
18.66.248.83
192.0.77.48
198.47.127.19
199.232.192.134
2001:4860:4802:32::36
2001:4860:4802:36::15
2001:678:cb4:bbbb::11
23.199.221.167
2400:52e0:1e00::1081:1
2600:1901:0:76b9::
2600:9000:224a:ce00:1b:5138:8a40:93a1
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2606:4700::6811:626c
2606:4700::6813:9408
2606:4700::6813:afbe
2a00:1450:4001:801::2001
2a00:1450:4001:806::2004
2a00:1450:4001:806::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c0c::9c
2a05:d018:d29:3605:e2f5:bbf4:bb4e:a1d2
3.76.149.124
3.9.60.26
34.253.106.93
34.96.105.8
35.157.107.95
35.190.0.66
35.204.158.49
46.228.174.117
51.89.9.252
76.223.111.18
85.114.159.93
87.118.116.9
91.121.248.44
0241f000f7b3a725165ba6e53d133cd14708b3697f7d6d54b697b310a2288efd
041b18b7599ef1518a03208fc411d23fb51ae9fb07e88dc07a77def6417f44b6
0423b55445020d5ff4daba96c2b325caac0bf64e68cf7087977e8488cf2bb3d5
0604df2f4dcbfce787d161cdec2104507c723ebcc97e9767d2fd373e716a02f0
07bd2e868d32456709e646d24236c7e8bd3c1a453258c89597772a53eae52799
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0a5bff4a8a01dfc05f33cb289e65dc7e09d86ccccd605bf9ec9fed6295417cc1
0ad4c17d0bd42984c54bc81a472770359a0e7719ae9b6db0a7aa92155a66bd47
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d6c2aa0a446364169fba9251e31da41e2f618a09e3cceae2fccd617508e372f
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
111b8c7024b5083e1a74f8664d2bbc73719c5ff90e5facb30551a18148c4fbbe
1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc
1402250a32876b715644be2ff7bb1562bf73c0fdc0c8a53754fe4fbfc425762a
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
19993270973a1eb5c2d0c24d930480d169e55924fbf99dee40e774ecb80cd887
1ad467d0d2ceeb88d150d04d88dab155ead3a4e12dd80982ef45ed605842b552
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
21111013521ce045115ade20ed1b0ac09b102688f010ecf84bb7f3f53574456c
222c06840cfe4613f269ce596f50ab918f5ec2f14d8d39e5e857e955722dbd01
23fc33aba2893547f5de3696974d9a00debef206f738a3f8ff3e81caad3dce16
242f284b8dc10f2076ad6f016fea39fa9213b53e00a548a32fe5f0b60b8ed1b9
263c3a799ea39e2db3c3347bab23a9f98990d9d9633d2d8b833d8766c3dc2b36
29bb0bbe4b14408e5e75fe0ca47af57beab8f3baabde7b74646bdd216edfe3a7
2a6a517e5a00a172a46f4949d3176e148657c2205da99e98533cb60f4cb62e63
2a9e1eedba53e281f772796dd83eb2280b1a1c1c1c9ebd114d5bb7499fde7bdc
2bb98b92ff1f00dc7e58f86b35993849ac27f95351a9f7cc561df24c916da282
2bc8ef30f6d402126a93f7f2f36753e90c569a1a356905952d0e8e2a4935adbd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
34fe85d9d8b594ccc87bf566b188442fd7261fa3798ef5f2432a7aaeff16ed2a
35d0e4d7124d5f988da2c19707b2c5bf73b40f1aec7802a9b532c39a2d23f787
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
39114c025a3e271277ce33529d0d1329690c44e2247460809109dbb1492bb0b6
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4
3e8f163d5037ff5c937e1e211ec4e7668b365c0ba4d408d1d6c7a3bebcaddbb4
428f350bd53281aeb92b949ccc048356f66823858401537ef57c712bf179fe3e
44cb18486c627b7e38f3d6fd9bb5c3609ef8193d66046933230ec104420bf314
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4adfe4ec2503e63e6c2272bccecfcb813579ae261765f93a32a7edc7ab7914f7
4cc96468621acfdc7ff7744414fa46a1f1b0f4acbfdbdb06c03cd035f53a2600
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5405f21fd05a73a76a85b2021b366df4dcd00dd93ad956d671776622ea5e1ffc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e6e8bbe43012e803c5a20496abbe9ab8f670076b49a9bbdc3940e53e3a45fc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b0facbbd33cdcaec7bf4b9581c54b17dce86b509d3bec0d62cf495d8389d55
574f09eef32236ecab7df1b0321e48ac73438105c06cc10fa909e6e3fc7f1e6c
585d4cbba6fbfd975e2e8bb35ca15af345b9e68bfb6ad54d0dd3b0eb58a04b84
5bfaa69a85765333493cbb461e93053e387089835ab111e00a82447fc5961eb4
5c756ba00bc22ff5690e08fc74aa2c70cde9b692a4acb7ca813a9dc7168c27d5
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5d1f34f036a2ecabf25f8fa9b21215f08120283353f3b7d604b12faebde4d728
5d802eb06232195d9320d35faad7f61141e7ef0c773eacd029f761d64967a938
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
6150b7f1f2b4e52b25a34140eb1752b1cfe19a7bb05edff4a361f403208d1df9
617175475dd7762c2557066f330446636c982b371b142462cf7b4cd7c395f79a
6181ecb856d3ae3ec3172cce0780474ff47156fc6e82367f569662facf351e22
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6507a044d207a767ec2971e891b149b58d6d32a6ee1b18068a6d6dd36bc5fa9a
652149336fb77614fab10c0d82de895a08f12f286f9e27913f4e5bf63b2c04d6
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66f9d950743622451df5970b7aaa9e9307c036c5616581250558b8c600956b4b
69ccdd447bc1d155946f97677fe8eae7b918cbc5da19ca3be25703008c4896e8
705ee29a691cf7c27076f9f7d2115a820f537ef83bb852a7894134b2c73e4af4
71a3c2fff169fa7423b679691f2b103dd20446b1384852e1c8b2481c1d15fcfb
73de04e024e0e8d40f62ee75e433b7906f23094ece20aacbd2015c0c000d5a62
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
745b79544835c8ee16198c039bdde0b6ec42333c0f830df5770bd4dcd60a6ac6
761568e43b7654d306e7fb7a1edbe1ba6336b0e20f68c14eb9dc74b104838142
775756b9835fbe95c96fdb3ac527b7a4142efeb50d97842c25b1444409dce482
78d3c2876aac4b579ee6f4342257b98eed49dab231dd3400ee199eb6b31d6084
7926afc46adb0fc7f96fefcb624f9fef65b163cbb70e289755785c133fc5c1a5
79aef46dd26db1623d14b458567d910fbf231f433466f4895e82b818449e55cf
7bb2a9b0b57103bb573bb91e43ef305d3b9fe7bf80a61adf26234f17bc32c5f5
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
823e092e7558a171e4799ef9e8aa1d42a523a581d8cfa246c5d611cfc188cb85
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c03c13ae512aeaf45b9a54c62dad09b5d833edae4f2459d3f71f2a3f2744aa
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d
8ad9a6bcdc20b0bb29576b861332e7b11719bd11af68024d7676724574070f05
8d7293476de0d15a9417a6f896f642845e90a174c74455e095f5f9a69768b51c
8dd79b81222f1ab95a34a5e4ab4dd0c0bd6364038ca0c0ed2b90547f4c1d032f
8f927cd54d7ef0ffd667f6537f9a9f3ef56fd8f86b32c8dfd534c29da2f2242a
978277c7385002bbd8eca4f51d7bdac7424ef8c6d267066e36b018b25bf88f7a
99bdc3030ab24bec7fc060cd879c6239fff557d3c3bc9e1d170e05f1b5e8e46b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ee6d0fbf3e9c4e3fcf901eb693b20a19ce0f26cac736921a15e8423b91bda82
a0746aee5a2b0032d3d664b8383d97bb3e1f0dce11ececfa1258072a704b1a72
a93653f7ddd0ae1176ac8871a71881b7c7118f5204b9023b7600be8095fd5607
a9e1acfa4849788483f1c004dbb01378a5a163076dc0d9ce939528b14e010006
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab31f0c52d39ade8f507820b55c06fdadd288290829a359e75993c81748d2b36
abef335c19de776a01ce823a7e494e946d0c0368529057b25b943cc5a711e1d6
af1033f7c8076dcb04c18587d17ed521ec442d135fe53609b476d06ba26add0c
b167caf7fe75f3e181f2887c0153c517bef84d11c96bdb29d7ce5550dcaa9a6c
b255fdb1b9a2000d3f3757257e7c068a5abdd995738d0c68b5a377ffbfe5ed67
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b6a6b0e8881ca010843433eb6e650353f93672a522fecea39168b6c817d18fca
b8f45e511cad59d2b012be1c2bb3b762c4d66b919d732be3a935ddd76325903c
bb9d01c107e3e112dd88b6996d0767503b0be11b76254749cc2e97992e7243c4
bd41bcb64339dafed9f5d2864f6195cb2939f54f3bc55e511d9aa3b4b6072ed5
bee2308613e447e2fc46fa24cd2826eabbf9731ed9eaccbdbc6eabf961f417c9
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447
c110d3e795d9bcb956d5c9ef500d23c7e480a259519d383d5c626293ee413815
c19742cd5bd579c79780439356b4237f0a35453c3de08f0272b99d00a4ea9bb7
c4fbf61bcc8a017d5d9cd2d95105bf88005bc0a3b6c18be6bfee8fc94d0adf52
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c6fd60d4ecfcac36ecdcb7456ecf170d8eef75c883a1e34a4dd7855d23966cd2
c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9d7ae7860e67c0a1153a48d8e59afc2b7b867f268ad5e7f0ef1573698e3e700
ca01acd2bad92eaa08558471b364d797c40be660e98b54e7b47cefb7558c4b47
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d4891d555d3e2614743bcaf3d18c1cf1c318dc141591da1fba60602d2786648c
d494f38c0b8a6df4239ed1f71c5b4e5da2f65dc160403e26c1587d0754c860ce
d4b266e5a0731ac28468e3c505c0cd251c3b799a5954f212edc7ecb8075cdea0
d4e0293faeffa17a2ad6181b7a05e45a36f4c1d0a004d34cf4d5e289a8197cd5
d653f1b06327b82fc8e17923f289ca268b8c3a19a62f64c761e888a8be375988
d6d0824c232f1be9cf8778e2f91360b3562ac7464795f81882f95d22defbd146
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d83245ccaecdf979547f528f38c90b30dff15f7b95d5e8ce4520df844c57f3e6
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
db2e4e6461e2031165b8e5e9c11a58bdc3eb90876cb1bf9a660a96220ff103ab
dbcdee701e2b6c28831c62f077f9f8a10a7cf95763de0b1e6898d163e7f6730a
de17ed538010ea04288a5edcd919e706bd4b72f1c43fdff0721c73ba97773f3f
e043996a9801fe2e7d0887608fd2f7cc439fa907e44010f6b01769bc392bef81
e0466ae1a6776d9fb9f0256a9d6813c1f10ab2eda313884c401f72fb03fce25d
e1b149f9dffc3130750034a65c4a1d2cbefe7ffcef67fcb368f292a065aabeef
e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212
e841451c101f47b681c1dd0469a82c4bef323a5c771ef5723d7889e11c1c77cd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1cfd6824c92dead5736035fedeb93fe0a7d0d414dfa5e4ba20a4b84b498919c
f4d3116590fe12f997a9a11ac10911517ee0a468ac563444edc374f16010158e
f51cadaea6718afce1c56d01c71dcc28fe2dc2c88600a6fe280f1a2a6015a899
f6d557e9212aa657a54ff5da7b10ea0fd2c8f6268c34481b911b0547a6b08507
f7504f7d591839633084ef2b9d3307b712c057ac3f5ed26d6947c9cda3e7b400
fac3b9e36ffcc9793a5f6bccf70784d4b7b2e0bcf81da427e448e758b67e81c5
fb1dcc6fe4c18e8e77ba87832e73084f94d8239d485a232093be12b51e8e5a82
fccf6d5c132d780bdf2205a2d84c9767c18eb557cdd1aeda57b4adcded376c3c

www.melhoresdestinos.com.br Open in urlscan Pro 170.82.174.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

233 Requests

91 %HTTPS

45 %IPv6

42 Domains

61 Subdomains

47 IPs

8 Countries

4012 kBTransfer

6843 kBSize

37 Cookies

20 Outgoing links

Page URL History

Redirected requests

233 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.melhoresdestinos.com.br Open in urlscan Pro
170.82.174.15 Public Scan

Screenshot
Live screenshot

Full Image

233
Requests

91 %
HTTPS

45 %
IPv6

42
Domains

61
Subdomains

47
IPs

8
Countries

4012 kB
Transfer

6843 kB
Size

37
Cookies

233 HTTP transactions
4 data transactions