urlscan.io logo urlscan.io
SecurityTrails logo

istoe.com.br Open in urlscan Pro
35.201.85.150  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://istoe.com.br/
Effective URL: https://istoe.com.br/
Submission: On March 16 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 98 IPs in 12 countries across 85 domains to perform 608 HTTP transactions. The main IP is 35.201.85.150, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is istoe.com.br. The Cisco Umbrella rank of the primary domain is 160690.
TLS certificate: Issued by GTS CA 1D4 on January 26th 2023. Valid for: 3 months.
This is the only time istoe.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 23 35.201.85.150 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
12 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:e0:... 13335 (CLOUDFLAR...)
2 2620:1ec:4e:1... 8075 (MICROSOFT...)
1 7 13.32.99.105 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
15 151.101.1.44 54113 (FASTLY)
14 151.101.65.44 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
25 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::1c 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 40.121.178.25 8075 (MICROSOFT...)
11 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 141.226.228.48 200478 (TABOOLA-AS)
1 2 54.183.1.6 16509 (AMAZON-02)
1 34.149.12.213 396982 (GOOGLE-CL...)
9 10 142.250.186.166 15169 (GOOGLE)
4 20.122.63.128 8075 (MICROSOFT...)
3 2600:1f18:612... 14618 (AMAZON-AES)
9 52.223.40.198 16509 (AMAZON-02)
4 4 3.75.62.37 16509 (AMAZON-02)
5 6 52.59.122.232 16509 (AMAZON-02)
2 104.109.78.125 16625 (AKAMAI-AS)
1 2 69.173.144.165 26667 (RUBICONPR...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
15 52.1.252.251 14618 (AMAZON-AES)
1 141.226.224.32 200478 (TABOOLA-AS)
13 34.192.67.210 14618 (AMAZON-AES)
4 9 2620:116:800d... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
36 2a00:1450:400... 15169 (GOOGLE)
5 187.72.39.252 16735 (ALGAR TEL...)
2 2a02:2638:3::9 44788 (ASN-CRITE...)
3 2a02:2638:3::12 44788 (ASN-CRITE...)
4 61 172.217.18.98 15169 (GOOGLE)
3 35.227.252.103 15169 (GOOGLE)
1 1 2600:9000:211... 16509 (AMAZON-02)
5 8 51.89.9.254 16276 (OVH)
5 5 76.223.111.18 16509 (AMAZON-02)
4 4 37.252.171.149 29990 (ASN-APPNEX)
26 2a02:2638::3 44788 (ASN-CRITE...)
3 178.250.1.6 44788 (ASN-CRITE...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
15 2a02:2638::c 44788 (ASN-CRITE...)
4 2a02:2638::21 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 3 35.204.74.118 396982 (GOOGLE-CL...)
3 3 35.190.0.66 15169 (GOOGLE)
3 3 37.157.2.234 198622 (ADFORM)
5 5 185.64.189.115 62713 (AS-PUBMATIC)
8 2600:1901:0:7... 15169 (GOOGLE)
88 2606:4700:20:... 13335 (CLOUDFLAR...)
1 34.234.139.177 14618 (AMAZON-AES)
1 1 151.101.2.49 54113 (FASTLY)
3 3 216.52.2.30 30282 (AS-INAPCD...)
1 9 2606:4700:10:... 13335 (CLOUDFLAR...)
1 35.244.174.68 15169 (GOOGLE)
3 3 185.80.39.216 27381 (CASALE-MEDIA)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
16 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 52.0.154.92 14618 (AMAZON-AES)
5 10 2.19.44.80 16625 (AKAMAI-AS)
6 6 84.200.5.215 44066 (DE-FIRSTC...)
3 167.233.13.224 24940 (HETZNER-AS)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 18.157.107.92 16509 (AMAZON-02)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
1 2606:4700:1::... 13335 (CLOUDFLAR...)
6 2.18.233.201 16625 (AKAMAI-AS)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 104.111.217.14 16625 (AKAMAI-AS)
1 98.98.134.241 21859 (ZEN-ECN)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 52.49.217.141 16509 (AMAZON-02)
1 3 104.111.217.42 16625 (AKAMAI-AS)
3 4 185.86.139.102 201081 (SMARTADSE...)
1 1 185.29.132.241 30419 (MEDIAMATH...)
4 4 2a05:d018:d29... 16509 (AMAZON-02)
2 2 213.155.156.164 1299 (TWELVE99 ...)
3 3 213.19.147.45 26120 (RHYTHMONE)
5 18.132.110.241 16509 (AMAZON-02)
4 18.66.147.120 16509 (AMAZON-02)
3 99.86.4.94 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 193.0.160.130 54312 (ROCKETFUEL)
1 2a02:2638::2 ()
8 2a02:2638:3::10 ()
1 1 145.239.193.130 ()
1 88.198.250.30 ()
1 87.118.116.9 ()
4 2606:4700::68... ()
3 13.224.195.78 ()
6 13.41.33.70 ()
1 35.187.21.229 ()
1 2606:4700:440... ()
2 51.83.212.112 ()
1 54.37.204.178 ()
1 108.138.4.150 ()
1 2602:803:c003... ()
2 52.28.203.152 ()
1 77.245.57.72 ()
2 37.252.172.123 ()
1 185.184.10.30 ()
1 185.86.138.123 ()
1 2a00:1450:400... ()
608 98
23    35.201.85.150 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.85.201.35.bc.googleusercontent.com
istoe.com.br
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
12    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2606:4700:e0::ac40:6c22 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.pn.vg
osp-assets.pn.vg
2    2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
7    13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net
sb.scorecardresearch.com
3    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
15    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
nr-events.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstatb.taboola.com
14    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
c2.taboola.com
widget.perfectmarket.com
trc.taboola.com
vidstat.taboola.com
pips.taboola.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
25    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    40.121.178.25 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
b.smrk.io
11    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
10    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
sync.taboola.com
am-wf.taboola.com
2    54.183.1.6 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-1-6.us-west-1.compute.amazonaws.com
t.myvisualiq.net
1    34.149.12.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.12.149.34.bc.googleusercontent.com
tps.doubleverify.com
10    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
ad.doubleclick.net
4    20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
p.clarity.ms
3    2600:1f18:612b:4280:a5fb:d412:b74d:aafb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
taboola-supply-partners.tremorhub.com
9    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
4    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
6    52.59.122.232 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-122-232.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
15    52.1.252.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-252-251.compute-1.amazonaws.com
wfpscripts.webspectator.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
13    34.192.67.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-67-210.compute-1.amazonaws.com
webservices.webspectator.com
9    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    2600:9000:223c:be00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
17    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
12    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
36    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    187.72.39.252 (São Paulo, Brazil)

ASN16735 (ALGAR TELECOM SA, BR)
PTR: www.dataunion.com.br
www.dataunion.com.br
2    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
3    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
61    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
cm.g.doubleclick.net
3    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    2600:9000:211e:c400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
8    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
5    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
26    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
3    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
15    2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
4    2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
retargetly-match.dotomi.com
3    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
3    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
3    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
5    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
8    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
88    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
1    34.234.139.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-139-177.compute-1.amazonaws.com
msgws.webspectator.com
1    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
9    2606:4700:10::6816:118d (United States)

ASN13335 (CLOUDFLARENET, US)
api.retargetly.com
app.retargetly.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
3    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
1    2a05:d01c:1d8:8102:54e2:82c3:807e:8ba (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
6    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
16    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    2606:4700:10::6816:4acb (United States)

ASN13335 (CLOUDFLARENET, US)
resources-rt.idx.lat
2    52.0.154.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-154-92.compute-1.amazonaws.com
rt.idx.lat
10    2.19.44.80 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-44-80.deploy.static.akamaitechnologies.com
www.awin1.com
6    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
3    167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.o2online.de
3    2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
2    18.157.107.92 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-107-92.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    2606:4700:1::6813:874e (United States)

ASN13335 (CLOUDFLARENET, US)
cm.mgid.com
6    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    104.111.217.14 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-14.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    52.49.217.141 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-217-141.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
3    104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com
sync.teads.tv
4    185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    2a05:d018:d29:3601:84c0:cef:b29e:4061 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    213.155.156.164 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com
d5p.de17a.com
3    213.19.147.45 (Castricum, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
5    18.132.110.241 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-110-241.eu-west-2.compute.amazonaws.com
track.webgains.com
4    18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net
analytics.webgains.io
3    99.86.4.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-94.fra6.r.cloudfront.net
cdn.track.production.webgains.team
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    2a02:2638::2 (None, )

ASN- ()
rtb.fr.eu.criteo.com
8    2a02:2638:3::10 (None, )

ASN- ()
imageproxy.eu.criteo.net
1    145.239.193.130 (None, )

ASN- ()
pv.medialead.de
1    88.198.250.30 (None, )

ASN- ()
pb.media01.eu
1    87.118.116.9 (None, )

ASN- ()
banner.congstar.de
4    2606:4700::6812:160e (None, )

ASN- ()
tags.denakop.com
3    13.224.195.78 (None, )

ASN- ()
c.amazon-adsystem.com
6    13.41.33.70 (None, )

ASN- ()
api.webgains.io
1    35.187.21.229 (None, )

ASN- ()
ppwgfd.aladin-shishashop.de
1    2606:4700:4400::6812:20ce (None, )

ASN- ()
pvx.freenet-mobilfunk.de
2    51.83.212.112 (None, )

ASN- ()
trck.trendtours.de
1    54.37.204.178 (None, )

ASN- ()
ht.uppr.de
1    108.138.4.150 (None, )

ASN- ()
aax-dtb-cf.amazon-adsystem.com
1    2602:803:c003:200::21 (None, )

ASN- ()
fastlane.rubiconproject.com
2    52.28.203.152 (None, )

ASN- ()
c2shb.pubgw.yahoo.com
1    77.245.57.72 (None, )

ASN- ()
cpm.denakop.com
2    37.252.172.123 (None, )

ASN- ()
ib.adnxs.com
1    185.184.10.30 (None, )

ASN- ()
prebid-us.creativecdn.com
1    185.86.138.123 (None, )

ASN- ()
prg.smartadserver.com
1    2a00:1450:4001:80e::2002 (None, )

ASN- ()
adservice.google.de
Apex Domain
Subdomains		 Transfer
104 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 26862
ad4m.at — Cisco Umbrella Rank: 9918
assets.ad4m.at — Cisco Umbrella Rank: 35263
4 MB
98 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
ad.doubleclick.net — Cisco Umbrella Rank: 168
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
307 KB
65 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 134
251 KB
53 criteo.net
static.criteo.net — Cisco Umbrella Rank: 629
pix.eu.criteo.net — Cisco Umbrella Rank: 7820
csm.eu.criteo.net — Cisco Umbrella Rank: 8170
imageproxy.eu.criteo.net
1 MB
38 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 936
c2.taboola.com — Cisco Umbrella Rank: 8548
nr-events.taboola.com — Cisco Umbrella Rank: 10339
trc.taboola.com — Cisco Umbrella Rank: 682
vidstat.taboola.com — Cisco Umbrella Rank: 2809
am-trc-events.taboola.com — Cisco Umbrella Rank: 15237
imprammp.taboola.com — Cisco Umbrella Rank: 14005
am-match.taboola.com — Cisco Umbrella Rank: 13804
wf.taboola.com — Cisco Umbrella Rank: 2847
am-vid-events.taboola.com — Cisco Umbrella Rank: 13167
sync.taboola.com — Cisco Umbrella Rank: 934
vidstatb.taboola.com — Cisco Umbrella Rank: 4715
pips.taboola.com — Cisco Umbrella Rank: 1596
cds.taboola.com — Cisco Umbrella Rank: 1781
am-wf.taboola.com
662 KB
29 webspectator.com
wfpscripts.webspectator.com — Cisco Umbrella Rank: 183168
webservices.webspectator.com — Cisco Umbrella Rank: 182833
msgws.webspectator.com — Cisco Umbrella Rank: 395168
149 KB
23 istoe.com.br
istoe.com.br — Cisco Umbrella Rank: 160690
1 MB
14 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 95743
static-de.ad4mat.net — Cisco Umbrella Rank: 124399
24 KB
14 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 68
2 KB
12 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
560 KB
11 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 271
cms.analytics.yahoo.com — Cisco Umbrella Rank: 887
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439
c2shb.pubgw.yahoo.com
6 KB
10 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 18328
api.webgains.io
126 KB
10 awin1.com
www.awin1.com — Cisco Umbrella Rank: 15428
7 KB
10 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 386
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 12906
ads.eu.criteo.com — Cisco Umbrella Rank: 8089
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9593
rtb.fr.eu.criteo.com
145 KB
9 retargetly.com
api.retargetly.com — Cisco Umbrella Rank: 5329
app.retargetly.com — Cisco Umbrella Rank: 26249
9 KB
9 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 980
pixel.quantserve.com — Cisco Umbrella Rank: 786
cms.quantserve.com — Cisco Umbrella Rank: 649
12 KB
9 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
2 KB
8 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 706
2 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1002
p.clarity.ms — Cisco Umbrella Rank: 14317
c.clarity.ms — Cisco Umbrella Rank: 1518
27 KB
7 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 975
sync.mathtag.com — Cisco Umbrella Rank: 460
6 KB
7 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 153
8 KB
6 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 381
ib.adnxs.com
13 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 285
2 KB
5 denakop.com
tags.denakop.com
cpm.denakop.com
135 KB
5 webgains.com
track.webgains.com — Cisco Umbrella Rank: 36521
56 KB
5 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1289
prg.smartadserver.com
2 KB
5 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 717
2 KB
5 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 354
2 KB
5 dataunion.com.br
www.dataunion.com.br — Cisco Umbrella Rank: 456932
19 KB
5 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 526
token.rubiconproject.com — Cisco Umbrella Rank: 531
pixel.rubiconproject.com — Cisco Umbrella Rank: 317
fastlane.rubiconproject.com
12 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25
region1.google-analytics.com — Cisco Umbrella Rank: 2388
20 KB
4 amazon-adsystem.com
c.amazon-adsystem.com
aax-dtb-cf.amazon-adsystem.com
59 KB
4 idx.lat
resources-rt.idx.lat — Cisco Umbrella Rank: 25718
rt.idx.lat — Cisco Umbrella Rank: 25337
9 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 6069
adservice.google.de — Cisco Umbrella Rank: 8720
1 KB
4 pn.vg
cdn.pn.vg — Cisco Umbrella Rank: 122452
osp-assets.pn.vg — Cisco Umbrella Rank: 136636
63 KB
3 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 43375
33 KB
3 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1230
622 B
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 752
s.tribalfusion.com — Cisco Umbrella Rank: 1848
2 KB
3 conrad.de
www.conrad.de — Cisco Umbrella Rank: 57294
782 B
3 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 69301
4 KB
3 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 62253
1 KB
3 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 64174
782 B
3 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 425
3 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 575
2 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 590
2 KB
3 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 6097
926 B
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 736
2 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194
15 KB
3 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1462
550 B
3 tremorhub.com
taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3401
547 B
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 337
79 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
ajax.googleapis.com — Cisco Umbrella Rank: 305
7 KB
2 trendtours.de
trck.trendtours.de
2 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 497
2 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4624
655 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 414
1 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1444
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 729
2 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2706
retargetly-match.dotomi.com — Cisco Umbrella Rank: 30599
207 B
2 myvisualiq.net
t.myvisualiq.net — Cisco Umbrella Rank: 2005
1 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3540
32 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
154 KB
1 creativecdn.com
prebid-us.creativecdn.com
175 B
1 uppr.de
ht.uppr.de
206 KB
1 freenet-mobilfunk.de
pvx.freenet-mobilfunk.de
800 B
1 aladin-shishashop.de
ppwgfd.aladin-shishashop.de
279 B
1 congstar.de
banner.congstar.de
549 B
1 media01.eu
pb.media01.eu
629 B
1 medialead.de
pv.medialead.de
642 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 776
759 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 31897
612 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1068
578 B
1 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 910
265 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 608
191 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 536
227 B
1 mgid.com
cm.mgid.com — Cisco Umbrella Rank: 1372
452 B
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1716
297 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 613
98 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 595
545 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 708
444 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 933
633 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 240
742 B
1 doubleverify.com
tps.doubleverify.com — Cisco Umbrella Rank: 500
162 B
1 smrk.io
b.smrk.io — Cisco Umbrella Rank: 239357
611 B
1 gstatic.com
fonts.gstatic.com
38 KB
608 85
Domain Requested by
61 cm.g.doubleclick.net 4 redirects 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
40 assets.ad4m.at as.ad4m.at
36 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
istoe.com.br
32 ad4m.at as.ad4m.at
ad4m.at
32 as.ad4m.at istoe.com.br
as.ad4m.at
3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
ad4m.at
26 static.criteo.net ads.eu.criteo.com
25 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
istoe.com.br
tags.denakop.com
23 istoe.com.br 1 redirects istoe.com.br
17 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
istoe.com.br
www.googletagservices.com
15 pix.eu.criteo.net ads.eu.criteo.com
15 wfpscripts.webspectator.com istoe.com.br
webservices.webspectator.com
13 webservices.webspectator.com wfpscripts.webspectator.com
webservices.webspectator.com
12 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com securepubads.g.doubleclick.net
12 www.googletagservices.com istoe.com.br
3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
11 www.google.com istoe.com.br
tpc.googlesyndication.com
3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
10 www.awin1.com 5 redirects as.ad4m.at
10 ad.doubleclick.net 9 redirects istoe.com.br
9 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
api.retargetly.com
9 cdn.taboola.com istoe.com.br
cdn.taboola.com
8 imageproxy.eu.criteo.net ads.eu.criteo.com
8 prod-rtb.ad4mat.net istoe.com.br
8 onetag-sys.com 5 redirects 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
tags.denakop.com
7 cms.quantserve.com 4 redirects 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
7 sb.scorecardresearch.com 1 redirects istoe.com.br
widget.perfectmarket.com
wfpscripts.webspectator.com
6 api.webgains.io analytics.webgains.io
6 pixel.mathtag.com api.retargetly.com
pixel.mathtag.com
6 app.retargetly.com api.retargetly.com
6 static-de.ad4mat.net as.ad4m.at
6 x.bidswitch.net 5 redirects am-match.taboola.com
5 track.webgains.com as.ad4m.at
5 image6.pubmatic.com 5 redirects
5 eb2.3lift.com 5 redirects
5 www.dataunion.com.br istoe.com.br
www.dataunion.com.br
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 trc.taboola.com cdn.taboola.com
api.retargetly.com
4 tags.denakop.com istoe.com.br
tags.denakop.com
4 analytics.webgains.io track.webgains.com
4 pr-bh.ybp.yahoo.com 4 redirects
4 sync.smartadserver.com 3 redirects api.retargetly.com
4 csm.eu.criteo.net ads.eu.criteo.com
4 secure.adnxs.com 4 redirects
4 ups.analytics.yahoo.com 4 redirects
4 p.clarity.ms www.clarity.ms
4 am-trc-events.taboola.com istoe.com.br
3 c.amazon-adsystem.com tags.denakop.com
c.amazon-adsystem.com
3 cdn.track.production.webgains.team as.ad4m.at
3 sync.teads.tv 1 redirects api.retargetly.com
3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
3 www.conrad.de as.ad4m.at
3 partner.o2online.de as.ad4m.at
3 www.lead-alliance.net 3 redirects
3 www.telefonica-partner.de 3 redirects
3 ssum-sec.casalemedia.com 3 redirects
3 api.retargetly.com 1 redirects wfpscripts.webspectator.com
api.retargetly.com
3 ap.lijit.com 3 redirects
3 c1.adform.net 3 redirects
3 ads.travelaudience.com 3 redirects
3 um.simpli.fi 3 redirects
3 cdnjs.cloudflare.com ads.eu.criteo.com
3 cat.nl3.eu.criteo.com ads.eu.criteo.com
3 rtb.openx.net 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
3 ads.eu.criteo.com 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
3 taboola-supply-partners.tremorhub.com imprammp.taboola.com
am-match.taboola.com
3 www.google-analytics.com istoe.com.br
www.google-analytics.com
3 cdn.pn.vg istoe.com.br
cdn.pn.vg
3 cdn.jsdelivr.net istoe.com.br
2 ib.adnxs.com tags.denakop.com
2 c2shb.pubgw.yahoo.com tags.denakop.com
2 trck.trendtours.de as.ad4m.at
trck.trendtours.de
2 sync.1rx.io 2 redirects
2 d5p.de17a.com 2 redirects
2 pixel.tapad.com 1 redirects api.retargetly.com
2 dsp.adfarm1.adition.com 2 redirects
2 a.tribalfusion.com 1 redirects 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
2 pm.w55c.net 2 redirects
2 rt.idx.lat resources-rt.idx.lat
2 resources-rt.idx.lat api.retargetly.com
resources-rt.idx.lat
2 rtb.nl3.eu.criteo.com istoe.com.br
2 c.clarity.ms 1 redirects
2 eus.rubiconproject.com am-match.taboola.com
eus.rubiconproject.com
2 am-vid-events.taboola.com istoe.com.br
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 t.myvisualiq.net 1 redirects istoe.com.br
2 region1.google-analytics.com www.googletagmanager.com
2 stats.g.doubleclick.net www.google-analytics.com
2 nr-events.taboola.com c2.taboola.com
istoe.com.br
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 www.clarity.ms istoe.com.br
www.clarity.ms
2 www.googletagmanager.com istoe.com.br
www.googletagmanager.com
2 fonts.googleapis.com istoe.com.br
1 prg.smartadserver.com tags.denakop.com
1 prebid-us.creativecdn.com tags.denakop.com
1 cpm.denakop.com tags.denakop.com
1 fastlane.rubiconproject.com tags.denakop.com
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 ht.uppr.de as.ad4m.at
1 pvx.freenet-mobilfunk.de as.ad4m.at
1 ppwgfd.aladin-shishashop.de as.ad4m.at
1 am-wf.taboola.com vidstat.taboola.com
1 banner.congstar.de as.ad4m.at
1 pb.media01.eu as.ad4m.at
1 pv.medialead.de 1 redirects
1 rtb.fr.eu.criteo.com istoe.com.br
1 p.rfihub.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.mathtag.com 1 redirects
1 retargetly-match.dotomi.com api.retargetly.com
1 bcp.crwdcntrl.net api.retargetly.com
1 cms.analytics.yahoo.com 1 redirects
1 pixel-sync.sitescout.com api.retargetly.com
1 tags.bluekai.com api.retargetly.com
1 cm.mgid.com api.retargetly.com
1 s.tribalfusion.com
1 ag.innovid.com 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
1 pixel.rubiconproject.com 1 redirects
1 id.rlcdn.com 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
1 sync-tm.everesttech.net 1 redirects
1 msgws.webspectator.com wfpscripts.webspectator.com
1 dclk-match.dotomi.com 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
1 ajax.googleapis.com webservices.webspectator.com
1 s.ad.smaato.net 1 redirects
1 pixel.quantserve.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com wfpscripts.webspectator.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 c.bing.com 1 redirects
1 token.rubiconproject.com eus.rubiconproject.com
1 vidstatb.taboola.com istoe.com.br
1 sync.taboola.com imprammp.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 tps.doubleverify.com istoe.com.br
1 www.google.de istoe.com.br
1 b.smrk.io cdn.pn.vg
1 gum.criteo.com cdn.taboola.com
1 osp-assets.pn.vg cdn.pn.vg
1 fonts.gstatic.com fonts.googleapis.com
1 c2.taboola.com istoe.com.br
608 141
Subject Issuer Validity Valid
istoe.com.br
GTS CA 1D4		 2023-01-26 -
2023-04-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-27 -
2023-10-29		 a year crt.sh
*.scorecardresearch.com
Amazon RSA 2048 M02		 2023-03-01 -
2024-01-28		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
smrk.io
R3		 2023-01-06 -
2023-04-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.webspectator.com
Go Daddy Secure Certificate Authority - G2		 2022-07-11 -
2023-06-13		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
quantserve.com
R3		 2023-02-13 -
2023-05-14		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
www.dataunion.com.br
Go Daddy Secure Certificate Authority - G2		 2023-02-24 -
2024-03-24		 a year crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-14 -
2023-06-09		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-04 -
2023-06-04		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-17		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-02-11 -
2023-05-12		 3 months crt.sh
*.retargetly.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-30 -
2023-12-23		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-15 -
2023-04-15		 a year crt.sh
idx.lat
Amazon RSA 2048 M02		 2023-02-28 -
2023-10-29		 8 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-05		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
teads.tv
R3		 2023-02-21 -
2023-05-22		 3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-07-13		 5 months crt.sh
*.webgains.io
Amazon RSA 2048 M02		 2023-03-02 -
2023-09-21		 7 months crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M01		 2023-02-28 -
2023-10-28		 8 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-18 -
2023-05-20		 3 months crt.sh
denakop.com
Cloudflare Inc ECC CA-3		 2023-02-17 -
2024-02-16		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
ppwgfd.aladin-shishashop.de
AlphaSSL CA - SHA256 - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
trck.trendtours.de
R3		 2023-02-16 -
2023-05-17		 3 months crt.sh
ht.uppr.de
R3		 2023-03-07 -
2023-06-05		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-12-27 -
2023-06-21		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh

This page contains 75 frames:

Primary Page: https://istoe.com.br/
Frame ID: 946CA1E57A85043B0F475F01828D930B
Requests: 192 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7VG8CFgPW4ebAeYgwoQTW4ebAeYgwoQUAAAAGBvQHJGbxWCyuicUt8syWa9HMZlxLHJORWzlZ7WaWxcgw8q2MQGIWj8XimljcIs9suRbNbMa1xDEZuZWT1W5mWYwMI9_KChzGcpkMaoGEZfb7DkK-22UQFV1vi93hNHveUIGm0-Fz3euVntPfZdf43XaJ5S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4Dsrw8J5fdHwAAAAAgAAAAACQAA_a1JQAVa3Un__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0Mr5SafGw-4bkQFwkWMAAAAAHKrNxuPJnVCZVH1___fbwVwBQAQYIhexGORpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEmHri0oK64EjVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwOQZar1WAymcwOAAAA4O7___9fD0R2G49xsVoMRibHZDIaroYTx2hk3MxMjsXI5Nxs71g3-J-zVQSlz0NYZr_vIOS7XQZR0fW22B1Os-cgPmgYlpNBML8JW4xWk8lmOZwtF5PBcDQcjfY3EIvFACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcY22s1sk9Fa5LLY3KLFaLiWOHybtWbkWEwmy-XGNFisRa-P6WLYGFYjwxYFA0T2InlapBORy2OabVbGmXE3mCw8ruVk5ZyYHMvdcuFZLlyOiViiOVmkE9llX9ltPMbFajEYmRyTyWi4Gk4co5FxMzM5FiOTc7Pv2Ea7mW0yWotcFptbtBgN1xKHb7PWjByLyWS53JgGi7Xo9TFdDBvDamTYN2a74XIzGixn-8ZsN1xuRoPlbN9hMj1Tn7NReNxqPD7FM3aTWW8Og8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-LbRW7Z3DZpL17G5IDYYFLFEcJFOVCan6W95eNZKz-lvEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_ceHGK7mksVmrlit5orRYpUAAAAAAAAAAJYwZ94EAAAA4DSQ1XI3W63zIEaDzW62Wi5AhJSp7s-xXMhZxi70LqMW-vwET0dQcePHDWVymv6Wh2et9Jz-VgaIkCpl3vyZINZqtawBAAAEsAEAAAK4dfMWmDrF_____8cBAADIyNEDAADQ7wNdwY9eK_TE8RfEYDTbDQ!&cmcv=&pix=undefined&cb=1678934097916&uv=3261&tms=1678934097916&abt=nonrv_vA!prp_vC!prp_vC!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=fbcbb5bb-d369-4ff8-b12d-9257f21d0d7e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: F3929915D77C4CEEDC88AFE9D0A2DCD8
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7VG8CFgPW4ebAeYgwoQTW4ebAeYgwoQUAAAAGBvQHJGbxWCyuicUt8syWa9HMZlxLHJORWzlZ7WaWxcgw8q2MQGIWj8XimljcIs9suRbNbMa1xDEZuZWT1W5mWYwMI9_KChzGcpkMaoGEZfb7DkK-22UQFV1vi93hNHveUIGm0-Fz3euVntPfZdf43XaJ5S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4Dsrw8J5fdHwAAAAAgAAAAACQAA_a1JQAVa3Un__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0Mr5SafGw-4bkQFwkWMAAAAAHKrNxuPJnVCZVH1___fbwVwBQAQYIhexGORpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEmHri0oK64EjVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwOQZar1WAymcwOAAAA4O7___9fD0R2G49xsVoMRibHZDIaroYTx2hk3MxMjsXI5Nxs71g3-J-zVQSlz0NYZr_vIOS7XQZR0fW22B1Os-cgPmgYlpNBML8JW4xWk8lmOZwtF5PBcDQcjfY3EIvFACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcY22s1sk9Fa5LLY3KLFaLiWOHybtWbkWEwmy-XGNFisRa-P6WLYGFYjwxYFA0T2InlapBORy2OabVbGmXE3mCw8ruVk5ZyYHMvdcuFZLlyOiViiOVmkE9llX9ltPMbFajEYmRyTyWi4Gk4co5FxMzM5FiOTc7Pv2Ea7mW0yWotcFptbtBgN1xKHb7PWjByLyWS53JgGi7Xo9TFdDBvDamTYN2a74XIzGixn-8ZsN1xuRoPlbN9hMj1Tn7NReNxqPD7FM3aTWW8Og8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-LbRW7Z3DZpL17G5IDYYFLFEcJFOVCan6W95eNZKz-lvEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_ceHGK7mksVmrlit5orRYpUAAAAAAAAAAJYwZ94EAAAA4DSQ1XI3W63zIEaDzW62Wi5AhJSp7s-xXMhZxi70LqMW-vwET0dQcePHDWVymv6Wh2et9Jz-VgaIkCpl3vyZINZqtawBAAAEsAEAAAK4dfMWmDrF_____8cBAADIyNEDAADQ7wNdwY9eK_TE8RfEYDTbDQ!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: BEE829B09AE262A22D1F4145566A2DFB
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7VG8CFgPW4ebAeYgwoQTW4ebAeYgwoQUAAAAGBvQHJGbxWCyuicUt8syWa9HMZlxLHJORWzlZ7WaWxcgw8q2MQGIWj8XimljcIs9suRbNbMa1xDEZuZWT1W5mWYwMI9_KChzGcpkMaoGEZfb7DkK-22UQFV1vi93hNHveUIGm0-Fz3euVntPfZdf43XaJ5S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4Dsrw8J5fdHwAAAAAgAAAAACQAA_a1JQAVa3Un__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0Mr5SafGw-4bkQFwkWMAAAAAHKrNxuPJnVCZVH1___fbwVwBQAQYIhexGORpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEmHri0oK64EjVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwOQZar1WAymcwOAAAA4O7___9fD0R2G49xsVoMRibHZDIaroYTx2hk3MxMjsXI5Nxs71g3-J-zVQSlz0NYZr_vIOS7XQZR0fW22B1Os-cgPmgYlpNBML8JW4xWk8lmOZwtF5PBcDQcjfY3EIvFACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcY22s1sk9Fa5LLY3KLFaLiWOHybtWbkWEwmy-XGNFisRa-P6WLYGFYjwxYFA0T2InlapBORy2OabVbGmXE3mCw8ruVk5ZyYHMvdcuFZLlyOiViiOVmkE9llX9ltPMbFajEYmRyTyWi4Gk4co5FxMzM5FiOTc7Pv2Ea7mW0yWotcFptbtBgN1xKHb7PWjByLyWS53JgGi7Xo9TFdDBvDamTYN2a74XIzGixn-8ZsN1xuRoPlbN9hMj1Tn7NReNxqPD7FM3aTWW8Og8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-LbRW7Z3DZpL17G5IDYYFLFEcJFOVCan6W95eNZKz-lvEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_ceHGK7mksVmrlit5orRYpUAAAAAAAAAAJYwZ94EAAAA4DSQ1XI3W63zIEaDzW62Wi5AhJSp7s-xXMhZxi70LqMW-vwET0dQcePHDWVymv6Wh2et9Jz-VgaIkCpl3vyZINZqtawBAAAEsAEAAAK4dfMWmDrF_____8cBAADIyNEDAADQ7wNdwY9eK_TE8RfEYDTbDQ!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 34544F4D72E226405CA3E00E634AF3DE
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 55A270B66F7C7E5AB6421E7625DA0A84
Requests: 3 HTTP requests in this frame

Frame: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D36F9710D624D063E586A2AA842F8B37
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3F92712BA661A60A48CC42A7045CFCCE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F0072667DCFFB641FBC805BF1DA7C925
Requests: 2 HTTP requests in this frame

Frame: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0E13CF4476023AC417E3409735519DE8
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAUwANXiAK3qLNAA3gfkwLdVizVn9gd2pzKw&u=%7CuWCZiUy7qD%2FouEjlkhyXhB4%2B9MTr%2FywVV6%2Fl90EPonU%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5ah415E2MEw3gENqPGRConXrdVx33HLPhrr7NhQkrGZs8bvaE_-cw6AHWJEBL6ruujjnee_mlAbTgMLghQ8fJhyr6Z1TH11uRb-4R8adOPKv6GzGtYYEZ6HRiY0hw6y3yOY3uIXrxh3yqDDp0vSPHHFWddFNJ-_X9tteYhnl1zksxS1rLK2H8x-CrTQ_O0k2dyPc62n9SSVLVPYfXmE6mnf2rpXz-2SEB-UL8cebwdkQCEVUVIJmR2lmxeNxDiBZYFlcF9aeJ70-FPp_uzlDkSYHz6FHmIeT2jf4uMvJd5VuyD1b-3uEfnavcVG0WSjmr1Ru_rNdb9nN86IHpo3fxV__RyvE4yrOgUTdYnDbAglQq5gB8QjM4rswGiBPF2DbuAXL8AaEeL9Y0ovYtzjwJNxaEaCJuI-Q7WC1ULN2Z_b2wtsotqrDdfBbLHv5BpMB4uPcStpdr6nZmyJXFuq56sCzOLSXlBNxnsPMnP9_jlaJBwO1mOhPNq7C1y59m_GKDUmooQZweisbmJEY0cDA8usiN4zlqbiVq186-LmEci8Pd-dLrqYFKTGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOcbEU4ASZKC8Nc3F-gb-wLeICMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDY2Mzc1MzQ2Nzk5OTU5NMgBCakCAOdnHn-_sT7gAgCoAwGqBPoBT9DQmMnuoq3muaVA4bxM4gfBq7looj0SiKbJ9Q4uAogMtvrWKqP-ao0NsH3WMF58eVExlShXii2vumuD9hgKnjBAfXuPjDCnWuLZ9hFRAa_Ec9R5NT4CGAjaR5VHzKEU5rJiPjooqRlXSpP8b1wI_IqGkcb-6fNoHec-wOqowzcnkPqq0Jqbkx08s6gXwLMfyCpoN9HyLJ0U1LqVNHZMQTZjeuT4-jidd3LiJeBputRTzmU07aqcF7khLAEYoST9aIR7Soy2ex6DhK6BvkBCnrXrPzyH-N4gGEaztCo3YW-MtkMVHxr9hRd9HlVGepQft7aHk3FUHyz57OAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1YaJYZdyHAmD6X_3fOuWJvjivjKw%26client%3Dca-pub-4663753467999594%26adurl%3D
Frame ID: 990D81805F8825C635F0E54072D85118
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 635D940EDA39C49DB30FAC5C1CA0E512
Requests: 9 HTTP requests in this frame

Frame: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B6A1351FEDA4A42F2B8C63B2ED1CE879
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVAAD3OAIEfJHAA9-Fl13UQfuy8fbJs0VWg&u=%7CrBqHi6DA9DlhYDPnWGXsCORbq2qKSqNY3Pch%2F0Ow9jE%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5akJaCqlgW0l1Z8nIARLKiu92QefvKI7HuQ4HHw_rT1jfSENlurgkp1YrCeutHG4sfADuBXC9QTGKhsCgAUwiAzn8mIekejftBO8JQqyu7I3cuENusM8YmpDWFTDNLAhFXkubc8IQuq-xtpTQCX-IMzhed1aKACCWKmxbJXmqfNlEvliIAEW_eTC0laefqUUCwD2vnhWNWi8w_ZU_7OhIj5g7gYRxasctYCKglMRsRaVDy1QU4WqznHLRLOnZQC0A0cvbCQyGJSlVYgaXyB0NGsyY0LIZhuZPa9ewnaUScF8FzOUfyIuHn6SAfamK7qT4jallhsK2N0Xgc-qlw8OC0v7UGMTcECHwP565fbRzyrgmQW5CHtKCcv0BjGh6GfBjSeRIqjQvXNclgIF-cZ4QcYeF8juMn-yNxYrd6BNMeRKTTFiuuUQ3XQrIujPu99IXyrwz9je63LCJ4K73khib62RE93_96eIw3umACwzW-ZA2ZEOngyV19bGjut84cGNDDnPxDzUV1drx_eU3vFjmXj9CWrIfZPVRYtN34z4l49xz9lWRnxy47x0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSs0GVIASZOC5D8fkx_APlvy9uAPJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMByAMCqgSIAk_QHBV5yLa5wqDyMfm-ZjscAXbIm4kbUI_y-WZgy6gFcX4DN25SyJbeFTwEot0Tnria8TolQmj5VR6GJCTAuiDaoKM57HkkYD1V7jTnyccn1YMDl14NsWJK3MnwG4l3F2FEBzzrMGYELG11vu6vwsyOWsvXO4O_sKyHEzU67JVZrEJWrn1SCXpKKxiAjE-ngin4F8JagL86ko9s24O7RyLXUieRa2zvps0y0jm4qBEwGR6hUzY9UN40sxiwVE7e5vJg2FP0SqMYl6YaBeRn5McFq9TEa58HZIaXk7yWQlbQ3aKz-zDqmq9yc3Loo4uk_cxAt-GB-pC8Gm0qpO5JeO_cfuhlqDr_-eAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DFsJ9t4HclcN4W-y9GcYVadmMkw%26client%3Dca-pub-4663753467999594%26adurl%3D
Frame ID: C441954530DDC3CD9E8EB47AABD29763
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 250202810825CBD15CC91F9BB445BAD2
Requests: 9 HTTP requests in this frame

Frame: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4A1910E0A08FA0BA70F595B3936A3D00
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWyfVVIASZN6uItfkx_AP1u6-uAKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEgQJP0Ofdx4q8XBq5tJOnYvu7qF4_hkJEYKHfiPk5yQCVoNOY0YQZ2LZjk40MIoTZW9QcTgN0lVJ9Ynl5UEPEc8XPl2UN-kn0mKkHINdiG61ZFCuNEx2TOP1XL5GgmfM3AS0lylUlDYxLRkucklXuc2NzalwG7LpHqXx5pFmFaZqdYI9S1cVvc7mPRwQ41wTg0FGr2uXVxzmv4DMtwChOeM9Giq3IwajQ8jLOZ49Lcr1LxmwMwupkQDv6tx5d0lQK2B3TPScSJyyeIc-8bV6uv6G4JzDJ1Ckdl2YV23wya0TEU-WEHYoFV4yLgK7820XX-3RXOjIMPICFFMhloGv4E-aa8-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDY2Mzc1MzQ2Nzk5OTU5NBiHsA4&sigh=Q1rl1JNXXvM&uach_m=[UACH]&cid=CAQSOwDUE5ym4KNG9Ia7vc-xWDYI6txPV1iEnf6mi5BSAOiFW_c6zwiVzosonVX0_eTzmdAOjsopTAUqB_5YGAE
Frame ID: 5965BD5E62D9830A7A8EB2FC935E4CC7
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1ge6p0phj9812vb6rgfs87gz9fkff76m5dtcwvpawzenp68vcacfebk2jhvhd4s10kzwgx2q0es2qks9m3rfp25t4gxq493nrwmydbrk1d93rb8mdf7w37y3edtgsfzk86tejkzq80q2gkmw7f7phks39k2zhjj1e057dg24m9q012aapmzjzhp6ar6xpv5saxns760c3ybkweh4cejxtxqe95ncw6t083byyezqqrk86yp5pak9sqdvhtqemfpgwabh37c803gq3kqpy5qfwd85xyhhe0v9zdb5tsffwarvabr5thxkjkfznrc0t9mns9gdkdc68t4xcdbn5djm7j5p88e618y11d7ww3z2p57ye399vph0w6c3dvx1g2hrmrhpa2fe95pk6ghjk9jyq6dh5j9j7ypsrbgwaqrfdv0skg0b9j9a9t5kaehy0br0nc1g5mh3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqRdFVIASZN6uItfkx_AP1u6-uAKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEhAJP0Ofdx4q8XBq5tJOnYvu7qF4_hkJEYKHfiPk5yQCVoNOY0YQZ2LZjk40MIoTZW9QcTgN0lVJ9Ynl5UEPEc8XPl2UN-kn0mKkHINdiG61ZFCuNEx2TOP1XL5GgmfM3AS0lylUlDYxLRkucklXuc2NzalwG7LpHqXx5pFmFaZqdYI9S1cVvc7mPRwQ41wTg0FGr2uXVxzmv4DMtwChOeM9Giq3IwajQ8jLOZ49Lcr1LxmwMwupkQDv6tx5d0lQK2B3TPScSJyyeIc-8bV6uv6G4JzDJ1Ckdl2YV23xwaWVWhBwDXUKCHxpRyTwO4lHdVn55Iu-M_skX7Fx7jHMtz3naO4hJs-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3v7_XTkID9SZOrn-HTnhR28xABcg%26client%3Dca-pub-4663753467999594%26adurl%3D
Frame ID: D7D9AD1512895A06B9E8571AA2C91854
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 09AD9F14BB15B3C2F0CE046D2213B19E
Requests: 9 HTTP requests in this frame

Frame: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 54AD93A4171B2F0D568DCE6ADC511057
Requests: 9 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Frame ID: 00B3BE2C4F550BD313F68F42F8B69C66
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Frame ID: DE32CD5EF9DD9A5444DA04BB9F79154C
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%22pos%22%3A%5B%222%22%5D%7D&w=728&h=90&wsRotSlot=&isda=1
Frame ID: DD01D4B06DB74691705909102F72FF37
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%22pos%22%3A%5B%22top%22%5D%7D&w=728&h=90&wsRotSlot=&isda=1
Frame ID: F0D55A198AB8991CB28DA58AA3EB54AB
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kr6g6ejqyc6a7fr67cemxs8jyjbmtnvq692tqbpsb2khzz7j4rbf3rrxw7s1c2769e87rzb29bdp0c483wp1g10yntensmny0hjvnm96zgfmnezjb7wnzj4wzr565cmvx8rmzynxzagtwy7dg065f50txgne4xkskf8jr424859chj3svprxecr7a1n963rh0vextjksz4z7ywnt2yptsjwxw57b4aa2wb8zdc37grrckfv84jspwvfrbjr9v898fcb768dqtj0g8cfqwsdbj1rraq14tx1cdh31vgr79rryr16j2fksmm0hw80x0jr32my33f44n892e7bdadkf22hsjr3bj52mvchrztpd12tgav4rp3b7s2r9c3bj2bw07znw1d4sdna3c7hcjmyzgcf2ksap54rnpcaa3fa6rw9m3vyvrjy5mfzvc8msph2kfe0p43p58&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiEQdVIASZP_yLfHHgAeUp4-AC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_Q7gBQpO7JbEaAFZWRB0w-AEfP81mPmsCp4pOjHh1rQcP8rckbuVsDoLXI8iODWUE2TIpv8QxowbWYYgpCed8kHfWMG736AaY1Mdd3N15owzKRbkis_hU68GN8ol96m_otgE3NL8FAqRWCTcxNTsSMqhxB8c25r5G7Qh1qlyAmHvpjHNQi3lom2ZKWxHnQsjen57_3zlcaBTKnclM72K1yuvNgEeLEUMvTzKV558rbIZuwKsJgASfQhJYM7Sgc3Zf-dL7eGxMAar5jAGLV0e50v7-nRdOhgk7uj36k0q10ceUkiCgPL_R7bfl9sgBPmWR2gi94V3VYvieMmvlKX07Luxq_4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1EJRfbFprEuTn7cAn6LhfHQw5NlQ%26client%3Dca-pub-4663753467999594%26adurl%3D
Frame ID: 1047CA79FCC7DB26AE8C65AEA1B8F878
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0920167048EEF94A11A6E09C09EE9A1A
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 8EB47C4C4DBC99CDDCF8E8E76E38A927
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 6CF5170078145471FBD8749BF2AF5184
Requests: 1 HTTP requests in this frame

Frame: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa%C3%A7%C3%A3o%20e%20interesse%20geral%20do%20Brasil&mk=&il=0&limit_drop=&userid=925d32e2-f5b2-4194-978f-0a1081db4ee1&idx=&fullVersionList=&platform=&_rlid=925d32e2-f5b2-4194-978f-0a1081db4ee1
Frame ID: A8BBAF52C07C79896532F51CF9A74955
Requests: 18 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=300&d=250&e=&g=25e6c7aeb1b44dbbf8c55b0596511241%2F2691818786668666848&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101377&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5gkp344grpf1az49ek8szpjtqymffqs7q44mc3bdg7shr3s98w09eh25ajbta2rj5bm3awpwxh63vzj6e8fp8y882rm3mf4py61h1fesdvqba6w1vsh1jpxb813pvanyka1nd0vwkm34xss9d00dhj2rsth217nzhj4pp5wc3d1nk03gpejbxz9r66ab7hwzq2wrf4d04nbgtgpxedfggytktscsy6zwj7cx769vhx5kj9grr1qt6hqtsbjbhk7j0e1jjc9argefpw8qgtbbbs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiEQdVIASZP_yLfHHgAeUp4-AC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_Q7gBQpO7JbEaAFZWRB0w-AEfP81mPmsCp4pOjHh1rQcP8rckbuVsDoLXI8iODWUE2TIpv8QxowbWYYgpCed8kHfWMG736AaY1Mdd3N15owzKRbkis_hU68GN8ol96m_otgE3NL8FAqRWCTcxNTsSMqhxB8c25r5G7Qh1qlyAmHvpjHNQi3lom2ZKWxHnQsjen57_3zlcaBTKnclM72K1yuvNgEeLEUMvTzKV558rbIZuwKsJgASfQhJYM7Sgc3Zf-dL7eGxMAar5jAGLV0e50v7-nRdOhgk7uj36k0q10ceUkiCgPL_R7bfl9sgBPmWR2gi94V3VYvieMmvlKX07Luxq_4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1EJRfbFprEuTn7cAn6LhfHQw5NlQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Frame ID: 2F139855BD1CCAB87084619D7FB9243D
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=50&e=&g=3fd3a9e393a89ccf7cfc346b485cc1e6%2F13706121768195100782&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101378&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gdmwkbp2zn0k1wpnbk3dxy7hw8vx5q3nx00a79f0w25fpky3e8bddm2dht5qbq2vew0za126z8jcrbazydrwxwmx55w0ka0cdz6mexmnfykambxeprqpj82krntj5x2v2m812vmhxzk97cttztv2xdwh51ft329rkavk7rntpz63drqqscs08m3cm0me4866c612adggdcmxsrckns5hdtzh7jpbmggqnvxhj54s75ksrhnz0xp0aj7nvh9bvrt6sx0redw3kwxhsddrz4fahdc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqRdFVIASZN6uItfkx_AP1u6-uAKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEhAJP0Ofdx4q8XBq5tJOnYvu7qF4_hkJEYKHfiPk5yQCVoNOY0YQZ2LZjk40MIoTZW9QcTgN0lVJ9Ynl5UEPEc8XPl2UN-kn0mKkHINdiG61ZFCuNEx2TOP1XL5GgmfM3AS0lylUlDYxLRkucklXuc2NzalwG7LpHqXx5pFmFaZqdYI9S1cVvc7mPRwQ41wTg0FGr2uXVxzmv4DMtwChOeM9Giq3IwajQ8jLOZ49Lcr1LxmwMwupkQDv6tx5d0lQK2B3TPScSJyyeIc-8bV6uv6G4JzDJ1Ckdl2YV23xwaWVWhBwDXUKCHxpRyTwO4lHdVn55Iu-M_skX7Fx7jHMtz3naO4hJs-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3v7_XTkID9SZOrn-HTnhR28xABcg%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Frame ID: EA635C36C0D2F420E8AA8DFAF880F8C1
Requests: 5 HTTP requests in this frame

Frame: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D90A6A1492814010DA432C22212F2400
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kxqbwg7fy21nh3cxc9a5nmavj3rejmtb9r3gwpvxgdwq3pxdkgc7n2vdjqxsf07bnjph0h8cr1davdsks0kmne40akf5w95s867bhznzcm2ezr8myx1yxf9sw3kk3xdr5yj6arrv4bdr9ax4spsfgk61bx07s0gcy6j58beq94x5ebvbz9xcb70sgxjac2dfz9a9dw5w4gevfvhf5qjv1ntkatdvv6ttr2j5j6jb8hzvh1s1q68n9gxqdjr94rcpp9jjb4q640vqbexqq57n62y70q60ves1pesavrs28qpqxr0pv8tw0treqegttbq1ycfbjh9heymhttjk2hbnrgr6cvbd1mwq6kcv1m1yar5w0ka7r2t1t5nc62t6n7a0trs0bskkv092nydr5gwgn37jy4djyer6xbwh3z01y1b5hd09gvmvtze3ydk8hepc4p7pj1e&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_Cj5VIASZPm9OIrQgAeQqK2oA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_QAd2LJOOOnqgkFMSbiMaukxvt8ZPXCDXdilCKZ9AAFAfxolbWpuWJrB8Ic67iSMW8ztUC_TebhLRp6SVIMr92MusQfdQ8q8YG8BPKw595FA08thWJLoYK1A0zVKJFlgKxuFgZ3R61gYXlb3J7h_hmKst4-vPuW42PuiRMFr0hRrHx1ZDIa6MUNjWTQWwp-yAPu51ab46Ezd93h1VcbuTZYgIGnmbxOiCvcTY9JysZZ34obeXJvpeh1oOctauNsu5H9MO9vgX2HCq5e4SH8Xym342nzlJ7-2StG9rHNmELdVv-WshtJRs6i473kfNHE_aAYQcwyz3K4jTGltKYxFXgBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1-0bIM517TruYWEzUEr2gX30cMFg%26client%3Dca-pub-4663753467999594%26adurl%3D
Frame ID: B0E1DD74CCE5E75C470B5CCEADA82B0A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9EFAB84A6B7657B2B6E722CC750D9803
Requests: 9 HTTP requests in this frame

Frame: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0CBCF6CB1BA216DFE018C043E51BC8EC
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 64A4DFB9B681BE086B872B31B7F2E494
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4OCvVYASZMPXFtPl7gOmtYSIDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgT9AU_Q7KJpvZhMgEubt9hAermc6GrbdHIM1pm8a1K-2TI0EQLg4DH6JMTjB1_XbCsEy65MkF9VLvZ-AepGxjtuiYjUut4GZTZsO2niciZJNqJbhYdbu8Br24a-6Z1LsumTq-cJSUkaF6PlsQRrVYfkm2sF6xytxlo8fuWswthrnVVr6zTJdHiaAuJzuw-VsPrFZ4fuYMqkwOAB-DmmB37--yVDV4YxLMQeJWUXmx_nyxZ40BE4uF3qveoCCxUZr92k7j0yGd2pD9vpXykMxHUGlM8JTylQGqSJBg5RZ9LNFxa7a_PWae4a9YfYZtwyS24w64gvy76IVRZapQe_YwzgBAGABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ2NjM3NTM0Njc5OTk1OTQYh7AO&sigh=7bhjaNZ82wk&uach_m=[UACH]&cid=CAQSPADUE5ymOe37FKT5iSLds5mhXTzlPYWZsXZRrk4Rus652s-Rih3cN66jO8KsibmQiGDuF2NWWhlVHjI_uRgB
Frame ID: 5001F19B55B805C1DB8B1C252AC2997A
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g294dxd48kkn0mscv844628xc0bsmfgwp61vwzpj3dn90essn44h41jyxzgfx788zpvx4e0zdt7hxq2j5n5z6t4fafgv2jb5bcx8wdd4g03xhfct2j884s1n1af6qr5t3wkm722y3d6rtxb52gpytc3v0zyeejqmetcw0d62d9nhkjbs7ew11zh7yt0zb4p2fk0d8v9b0ky2nge1npw4kay8dyjekb80ensaxt03ka9nydwr62psy7x8vxn7s5v20n28v6vvqhs013rrmg7gptne7hxq078gm4yzhnhad5hg0wbzqznjeezbcbned3kbtxqv43yqnbngm0skmm51zk7ms0ntck9y9b6aqzk4a2wvte3zrt9yy7x177599ptpm4nnna4c88efmwyqpv8qd5s6dbng2m6yt9gfkfwwv5gvwq8bmnb2vt20gqq2a52vkd01cd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1PsgVYASZMPXFtPl7gOmtYSIDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_Q7KJpvZhMgEubt9hAermc6GrbdHIM1pm8a1K-2TI0EQLg4DH6JMTjB1_XbCsEy65MkF9VLvZ-AepGxjtuiYjUut4GZTZsO2niciZJNqJbhYdbu8Br24a-6Z1LsumTq-cJSUkaF6PlsQRrVYfkm2sF6xytxlo8fuWswthrnVVr6zTJdHiaAuJzuw-VsPrFZ4fuYMqkwOAB-DmmB37--yVDV4YxLMQeJWUXmx_nyxZ40BE4uF3qveoCCxUZr92k7j0yGd2pD9vpXykMxHUGlM8JTylQGqSJRAxw9QU0kFZz7LtAs6eIB77MbHE4ZXbta0pmWUYcSzpCcNsgI8RcrLzgBAGABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2-SAun4UsMWBuXvTgeIAvi4nR7uw%26client%3Dca-pub-4663753467999594%26adurl%3D
Frame ID: 3020E0248234DF98460C883BFE50FC08
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C74E4853D5811BAE87428AAB7BD21D7F
Requests: 9 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%7D&w=970&h=250&wsRotSlot=&isda=1
Frame ID: 3ED279FE0622737C672CEEB558BAF284
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C188429%2C197862&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=90&e=&g=7c690a3cdd766b61e9925b3172d84479%2F13427897391999105021&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101730&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9c904epy01zzg2d0zamjzmdn9qxncctnp9mbqkva43fc7dx3nwm2x4r9qk8ben4v2pky3s6vxb80h2a4qhk17080472w5y4y13scp7y82jf9bx0aq4mn42eh3df93e63jw88syhvzgzwjtfr51sd6n5wryn4y22w501vghf6t7f7sej7a9ca8d7fcmch8c46eq192a028e0a8vrw0d46e7291dgqb0f9td21n5q12hswpmeh4cekfdg02xbm5svv1sre5gd2hb7tjyvpwe7w1%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Cj5VIASZPm9OIrQgAeQqK2oA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_QAd2LJOOOnqgkFMSbiMaukxvt8ZPXCDXdilCKZ9AAFAfxolbWpuWJrB8Ic67iSMW8ztUC_TebhLRp6SVIMr92MusQfdQ8q8YG8BPKw595FA08thWJLoYK1A0zVKJFlgKxuFgZ3R61gYXlb3J7h_hmKst4-vPuW42PuiRMFr0hRrHx1ZDIa6MUNjWTQWwp-yAPu51ab46Ezd93h1VcbuTZYgIGnmbxOiCvcTY9JysZZ34obeXJvpeh1oOctauNsu5H9MO9vgX2HCq5e4SH8Xym342nzlJ7-2StG9rHNmELdVv-WshtJRs6i473kfNHE_aAYQcwyz3K4jTGltKYxFXgBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1-0bIM517TruYWEzUEr2gX30cMFg%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Frame ID: 6DA3AA6D633DCDCC15EE761C01A14F34
Requests: 14 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 47EF30743215F5447ADD8133AF906FCC
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=3c146412-8055-4a00-966b-ee3f29a568d0&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
Frame ID: 0452272D00B39651282791C0024936BE
Requests: 5 HTTP requests in this frame

Frame: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6E364784856B669C778D0239AF0AD570
Requests: 1 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Frame ID: C3467602AC98212DEDDE45F946CB6E7E
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CM2DLVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSCAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4CbCNLD2qnGdpW0MwBwdLRaaVR-NMMyRo_VeUsXiAexA_8R4Homh-AEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NjYzNzUzNDY3OTk5NTk0GIewDg&sigh=9Df9nlh4mbs&uach_m=[UACH]&cid=CAQSPADUE5ymtFh8PMpYLV_FxM_F4B5YQHqqmBU_Zf8psNskRpvNItmbBH7CAlXo3Xo8828mO0NukS3evi_XlRgB
Frame ID: 7D553BCA53E522EAC9B8B2C4463BB4FF
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jknb8d1qvdc9hnxr0jfwhzz0xva55vm0fkayd9k8e8xe4j85h9ss27vq5wj9ther6t49f266sy26zx3v8ds8kgxmtd8g2yxgxnshyh7e9p1fmxv4ncsqctapv9k3wck4rgg3a0rfakh2fk45vetpzx04yzfvxbdh082g3d0zd4qa0744kt2vmy8dzkr8gb27x3cj9gngxp6e0aj2wnzgbdr8ek9fjnckbfx9qjf0y5bk55cqr7s4hy9nvgj33pbafm0mf6a7c52yj1rrbj6na9b330wh7xag25q91vc7jheejhqabwx9apaks5btvpjt4m1p5pkw59r87pn8c8rpdwjr375jdc83rczrpt8sw0zg3zv62mjszw0hfwm3d3pbp51ekgq7xtkfnwdadb07m8j69x0xjvjqmg10jtc7mj35rnnb6cfn3jf04p5c5zccn88mwndxg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIcIfVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSFAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4DZCvNRDVBBNl0ze5aqPSaoUEB0mckcXlJVuwKFcJOvL-fEPOVmT57nteAEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-Or66cd7sSfL0C0ihoipdMfswLQ%26client%3Dca-pub-4663753467999594%26adurl%3D
Frame ID: 73A81642A07167049BBDE34988E827F6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3152B559B83A8095846BC7DD69F625E6
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975&b=Z28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=50&e=&g=cd1fb562a5c28a206adb2f621606ffec%2F12969081154049086728&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934102002&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kw2v85m5xpjr2ywr1z63batqxjr7se1q050nq2c803qdb8petef495yd83rxz6p54p6an3rk8w13c0nr1ephp70t766b0f19m3pbn75qc7mkhvge82essvm9ykmrc974bahsaxhndkwjz8cchgw2nba68gb89k5k9e5e6b727rah696z8z32s4ec9tbaxg2ffqqe1b477m36zw7dh5j87sh42g5q6f5nyeqw14smr0p6whpa60zs9h28nmr6y761qdz33xxxcqp2cwj26d0fqwe%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1PsgVYASZMPXFtPl7gOmtYSIDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_Q7KJpvZhMgEubt9hAermc6GrbdHIM1pm8a1K-2TI0EQLg4DH6JMTjB1_XbCsEy65MkF9VLvZ-AepGxjtuiYjUut4GZTZsO2niciZJNqJbhYdbu8Br24a-6Z1LsumTq-cJSUkaF6PlsQRrVYfkm2sF6xytxlo8fuWswthrnVVr6zTJdHiaAuJzuw-VsPrFZ4fuYMqkwOAB-DmmB37--yVDV4YxLMQeJWUXmx_nyxZ40BE4uF3qveoCCxUZr92k7j0yGd2pD9vpXykMxHUGlM8JTylQGqSJRAxw9QU0kFZz7LtAs6eIB77MbHE4ZXbta0pmWUYcSzpCcNsgI8RcrLzgBAGABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2-SAun4UsMWBuXvTgeIAvi4nR7uw%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Frame ID: 31EBF2C17488EBEB804626A3158727AA
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 1BCC2437D7B0767E4A72272962BD6672
Requests: 1 HTTP requests in this frame

Frame: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0BE86ECE1A4FF147CC8B0D6A09B27D6F
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVQAM2HMIEfB1AAlkZ_9xwddT7hYBjNkCew&u=%7CtL5M0cBJr6hUM1OTb3nul9t2gLQ456%2FJKMSvvDk%2FLl4%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-AX3ZVsQJGtw57CEIsnB4xvtzisV2IamoyYEv1G_xfosXphBmvyyeWyLHYscSWQnlN-n8ol_-8rBJfNE9hQ7t8p6M-wzoRjP6MI1XytYNZGZcpQbBu1mDk019XTpzxA0F3xm_LOZiIVwdvebgqO5IebWmPwZ7gwyhp9Oje4AYyrbnKfyGeLRyR3-B5qYHoHy-L5ul2timwYyhI0n_Ar_x-1a5Ps_hL8WZL_sjIy8ZX6eILr-Z_M614usVHFhEJMcAkPrRvWkmnyFe4yJ-vPn6A0CPBKO84wVDG7RvouXE_5fcPZ0eUr0Kn3mWEcReZsyrE4GXr3YSJTKaDEAOA_e-BbjYvTKZ1uzwHtBOX26TPw-UQaVA7xMWVf7JGQkW9NoJDE_M7uW6Ks3LgD3cBXrEI0wk-bUvJv7Ym_fNw9-cMMfl3EB23U2ZRS-zKhxm1uej0Q1SXI8HMTmCgpBjKcO9QU6VhIXg61MGDmfXbgzax187gYGsaqDUWJa2DumDTi3tF7NKLxclI049DHTCd_yRTfPkCfHxyv1j4Ws5hyjxYkdy5LZqNKcB73qKRcNMmGUls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOydXVYASZPOwM_Xgx_AP58il0AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QZ1_AETdkrhzfclfKtbKewy0r-RCp7BpvyMlkU_csQRrxdUDwH8E5pDKQ7TsAkd2siBzxGXfLm4Cbw2KMNbzpFChu4IHYditfQ7NDCXpo4trBmjfo0wrlgJNJ6Ev6V8dFa9d1WQccCko_PaH25bvM6qy9XC9Owywc7eqrp4nCbUdre9_F1X8QT5cjJ1K7EauXK0O12VMBMxs2JhUNtS59tfgFuWpTR9APCRFBqOtc5UDpgCxa3AJlp3WiXfA7I0opOnBdsHpcSM5oE1PnlDv9hSqJN6CTO4WoTL78AkT_NlLh_kpdQh1W-xQ_S7TUdM18V0tJcGwsaDzi7uqrMuDiJ8Rn4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ZxzDPY8B0zZOaUZ2Q4TddrRDzCg%26client%3Dca-pub-4663753467999594%26adurl%3D
Frame ID: BFE807C8AE6FC475BC63E8EEED71BD7F
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EECF809C19E50F85F9FEE8F5B7CCAEBC
Requests: 9 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%7D&w=300&h=600&wsRotSlot=&isda=1
Frame ID: 85ED00E7FFC9D9B95F6FA5E403CB2A5B
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15573%2C196439%2C321735&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2C3qjcpf4fVbD3f7HrHAtEtMAbQaPSWTKKMsg2Y3&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2CWPefrfdfVrKWfYH5HjtDCEP1qt3SETVVmU9Q8W&c=120&d=600&e=&g=869f10d2fd16e15a18b2b3676b17bd38%2F15749568168597614057&i=26474%2C25174%2C110819&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934102297&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jy1z1n2g71jdkm05axvscd31wzx33vbmt1hb5g2f17s232h860htthpjwjfb9v7msbt2qpvrjkjtgcvrx4r412qkcdm2n247vbs83pxt0p11j7mgtrjvaxr38bkacjn4g8sc21ahqzae1g0bxbzmtng5k78g30bd721r7yzkvdvnh3sht53w1812ab08f3p8rtgx49tayr11m62y8m9qnqqkmbpm2rk0pbtnmc5sh19erqw8gxcsm9nb9j4187jj44mp3shj2p1wcebrgxpkj2j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIcIfVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSFAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4DZCvNRDVBBNl0ze5aqPSaoUEB0mckcXlJVuwKFcJOvL-fEPOVmT57nteAEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-Or66cd7sSfL0C0ihoipdMfswLQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Frame ID: A7D18069427A708D66C2C5AA99E87D0C
Requests: 14 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%7D&w=970&h=250&wsRotSlot=&isda=1
Frame ID: 106FDE336434412C992426757B94D1B2
Requests: 2 HTTP requests in this frame

Frame: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 72B72BCED73C56E2E46B1D7AFBDCDD58
Requests: 8 HTTP requests in this frame

Frame: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 72075F20F0A9E71AF58190E6CA1A7045
Requests: 9 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%22pos%22%3A%5B%223%22%5D%7D&w=728&h=90&wsRotSlot=&isda=1
Frame ID: B74A03DA8FDBDF28EAE9234F8ABEBCAD
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gtm31qmgeard06krq87cknyrwzmm4hjtst03z0sk7nb1hf3ebnnhz77v291mcbsk3r5z7dpyr8jwnd8f7w86bypffrqgecawbvvemrnwhtedcdsk8t1we9m69xcvf041vv85qw1jqcf88cs8f32kfmjpd55s0fy6mtsrzfan6p7kd6fjp3c1ar602smerww8q1cf5mqe7vp8441v1q232yx3zdht4733dyj2csr10vph09ahdjw2xbdw3q4cvrw27cmd4sbw8z854mk86tty3by68vkadm6d97hss96rfggbn6g08348q7e5rw8v7mjy4szafhj9yn8txt077k3ebhzwfs0zgkgnmcdfjttvp2gf8w6epxvrpatgweqjaept7rr6zvp44sm7zsr6nsy2tetvrf72rmp4g3ew2saqawem10tn1bv7asz6w936c0d76gws5nn&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8NDHVoASZPHNA6zHx_APrJee-AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEgAJP0K-bFVbdti8XsUr0ZV5Yr66sXCp57Dtpc6TqSzxMVHTg1VLEHk0ETeXxmK4mnTOycMA1pLE3fnnPd-TroSxasfGhGrDgs8RXwt3xpd_vjD6qH4QhYyMKB6me7mxmpFLn9ToUmv2zwU70xn6Zx_4IL_m7BlRr5zOcngVhO3sMU5Gnui52Gg6t2_AQbZr0GNdul7WHuyE2_K52bmzaF1a9BsPEf0U2Ff2touLkkrA8x_WEsBZqJr_w2kGuaVyOwofbowzsKMPqkOYOUPo1dIs2AU0p5OPx3JZjom6UxTZlM1_sQrzEiU1phUtz6s8qE59QtrecZk_Keq9nougYFgON4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2xgkY2wtJNXXK1WyWe-SzTrqvKdQ%26client%3Dca-pub-4663753467999594%26adurl%3D
Frame ID: B5BF72D36849DC4618B3F4D695358645
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DCBBD20180A121DAC89003BCF3458F9F
Requests: 5 HTTP requests in this frame

Frame: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 73878439D9CDF56115BC9BE1828BA329
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h3wecdh5ma6q0qemv8cxymps4abb86ayd0pp8nqwyphdy4tcn64km4xt5a18mfgjwkvhqp7f68eqs6swrm8r2phzncc12x8trtv3fvk02rb5sx1asmmx09rg4e07t292mf5rwzst3da6eezg9qh8z948sk814zdz620p167fj440p8svaexk8zyh3nbsmaf4sqaxeq04hmqtbacsfhz3xtfctrc2yah3wwfrmt0qa0yqej803rtewvj1t8xwnh26ycrg8nbyj0t1vwe0m3855e2m5f7m6qzpfge0xcskwqn3dpp8vggtygh725x75rww94mtvgy81vp4d0wa34vdnk47rtzgzwwm6f9b2yem78ckccqnssc3gz34gm9a5my9fd4mbzwd7b0s7sbtzww7yywk9p3dshp69k6dvrzzb50x1wnmm6stwhghfszdzb9ne2qdawckc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_gMoVoASZJzNGcT5-gbZi6nIAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QFkOhtqSvsB_DXfvZWX3sQhDVRnodOaVg3Qfg3fPkBqFrUUnJvUvgC3FN9-uWr9ZA3TOpGczRZYAsPBz5lGMphZ7GiHBqJ_1q3RiUCGSqJp-hcglevgemtrDuqBfFcWEzHg-CSwyApLBgLSPm__EU2qGF8NtI8txJHYZ2PTGPsdKM-nOqDDnwoy4dQbpHJuWyfvHMpfrI44slqDTajyxY_qm3eWDAvKajiXJBy_gpM51EW5e7OGGag29ZXDBGeU-sr4q8NIR-uXXDCgZlqR5OgfVxpUO_YfyPN0OaldnykgyfMXkpDdIW8JqW-rQuOoQrdtdC3TtX1f0kDQp9YfARI9sS4AQBgAaS9aHpmoa-1xagBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0t_Xs6HrGda2NuAB76qiUuoHAZhQ%26client%3Dca-pub-4663753467999594%26adurl%3D
Frame ID: 098C89639C1EE319D1DD76B7E5E5BE4A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 24B3074409A103BC5AB31F57FD000F04
Requests: 5 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%22pos%22%3A%5B%224%22%5D%7D&w=970&h=250&wsRotSlot=&isda=1
Frame ID: 470F9090C7340AB75B14D60B82ED9E34
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hrz5pks30fkse0nmnstnpy7nf72zy9v4mqya02cfgz5fqq9s1tcctkb5ef46f86g1e0sb7a3ay0tb741jnccf7ns9wgxr5dx7cbx6x2s0jrk5jymrvshbx6h6h2e4g190sa29rh3p237jmcfbf30mmfwsms8fq9e8g09ymh06173pq0c4cnvcx89ey752b9cn1ebe0bnahv65asaph5qvy7kdfqegepj05cxqpn83pwvwptgxjvpb126kfqrdgztjb4ezkcwsdwv869erfxkg954y66j2b2yzj7kpgczprayak85vpwnww3w2vxztaqshmcsb8rstsxpw7cfmcqydx4ka2zfzb9vj3bkybzyp8fstzb3ekt5ccysh039kr0bj00y7hsfr9apjw3bcspj8ecbmetszeaawvmvjjbb2qhfmc5fc3b6n3xbf6j8h9z6z9jxf4v&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2rg2VoASZOnUK8Lj7gPklKugB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMBqgSAAk_QXHnjBdlqGlDUc9kBs-Y4gHWeWKh7fFdn5sqqbJ3bcFYlNXUNokN4EEeM3fwfErcBVzFXq7ujR7O7vOyvP7OGGg0-nLRi6_1UTL6wCJuYYUikIPL5a3dUhPTrACFTWWW78m4VXYyOoXJ7Z9dYzfrXkxwDzYIfInFVaJKwY3sRS2GWoWVk3hrq9azKf6V8Lj66Fty8LvoReiAneCS3r5GEWT3yP5kOS_-tqySh3X3wMHiMXJn2CoDzfvM8jBFex20M0qtbGBW7AKDevBAD9KWm15-G_2BEl-nyBHEMs_wuBmjjmmRS9uhSZRBUftMT5fvqv_Wmd4IsdivU8AeMVAbgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_29pSuQS7WbIJCBaoJJQ9HIiAJecw%26client%3Dca-pub-4663753467999594%26adurl%3D
Frame ID: 1A69333D7AEAB2AA54B09F599C9DB1CF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2A617684AA28A57C8E8D86EF0B2877A8
Requests: 5 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%7D&w=728&h=90&wsRotSlot=&isda=1
Frame ID: F491C8B41209D2BE84DCB9F57C8798C8
Requests: 2 HTTP requests in this frame

Frame: https://resources-rt.idx.lat/relytopics.html?siteUrl=https://istoe.com.br
Frame ID: 639FA648740C34ACCBC811C4463D370F
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 4A8384A558632D89C128753DBF773C85
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: EA69E6C22E2923350C9E8D21B5C30008
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: FDFF7A8067FCB07867E2D170B36E555D
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19769%2C325408%2C29002&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CD13t3fwf26AYC3HmH9t1tkKwQsxSmTYYQSZMQg%2CxmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2Cdk8aEfkf5W2qcEHjHwtqC5wK3CeS4T55PfgVPW%2CY4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe&c=800&d=250&e=&g=307dd0c0ec66c5a5a55caa41fad61896%2F723741124875372859&i=21630%2C84417%2C25052&j=16%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103834&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gwv99q3pzw60219sxy42b2tx60j6sanmd34z7r6a4epeakyjcfq877qcew5gypt1tz4acmt3fhj78drtjt7pcmvhhcz6qkzhge7pw2505z0tfw4scy9ae7nad6pk346kvmzghdxj08car0q6s0e83qpyr9zec84cbrkmgzvatpabxkrk6eyz53986ah309npd08531ea3jwwk8tthz0y2dq7heb8pxmw2ky2x3nhyxrew2pdhh8z4k184kfd11q1td19vahy42pe3306cznwa0d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_gMoVoASZJzNGcT5-gbZi6nIAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QFkOhtqSvsB_DXfvZWX3sQhDVRnodOaVg3Qfg3fPkBqFrUUnJvUvgC3FN9-uWr9ZA3TOpGczRZYAsPBz5lGMphZ7GiHBqJ_1q3RiUCGSqJp-hcglevgemtrDuqBfFcWEzHg-CSwyApLBgLSPm__EU2qGF8NtI8txJHYZ2PTGPsdKM-nOqDDnwoy4dQbpHJuWyfvHMpfrI44slqDTajyxY_qm3eWDAvKajiXJBy_gpM51EW5e7OGGag29ZXDBGeU-sr4q8NIR-uXXDCgZlqR5OgfVxpUO_YfyPN0OaldnykgyfMXkpDdIW8JqW-rQuOoQrdtdC3TtX1f0kDQp9YfARI9sS4AQBgAaS9aHpmoa-1xagBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0t_Xs6HrGda2NuAB76qiUuoHAZhQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Frame ID: B3D0E47D3A4F0A1E8B0D927D6959ADD6
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=63352%2C64769%2C117569&b=PGBuBfbfKY6mt9HjHbtMtY9qCJS9TDDAU6R3D%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=bk8aQfZfKqZRtYHbHzt8CqGxubSJTMMZHKqQP%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=fbdd7d044dd5f0856f103cfefc557fa0%2F969736781405137192&i=28908%2C27835%2C29981&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103836&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcw6wt12gjdeks4b4gnrapx75hyk3v2d86vdy5tvbgdpvh60v2asea1x2nb82337jt5vn768hhhj22eat1mg2768g4b470284a4hqq0hc0x1vdazce949zwwbczsw9r2hkaa1k6xwyfra77ht8w6vv9vt6fyngwjnrpts6pkp3b4g3c3y8h78sym3wvcm4gkn5g0r1rkkzn64xpxyj2rbcga6kycz9d05w58zk7pmcyfdzd9n7p8am028rbaky6mypzw90gapcqe3zvaa71mdyx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8NDHVoASZPHNA6zHx_APrJee-AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEgAJP0K-bFVbdti8XsUr0ZV5Yr66sXCp57Dtpc6TqSzxMVHTg1VLEHk0ETeXxmK4mnTOycMA1pLE3fnnPd-TroSxasfGhGrDgs8RXwt3xpd_vjD6qH4QhYyMKB6me7mxmpFLn9ToUmv2zwU70xn6Zx_4IL_m7BlRr5zOcngVhO3sMU5Gnui52Gg6t2_AQbZr0GNdul7WHuyE2_K52bmzaF1a9BsPEf0U2Ff2touLkkrA8x_WEsBZqJr_w2kGuaVyOwofbowzsKMPqkOYOUPo1dIs2AU0p5OPx3JZjom6UxTZlM1_sQrzEiU1phUtz6s8qE59QtrecZk_Keq9nougYFgON4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xgkY2wtJNXXK1WyWe-SzTrqvKdQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Frame ID: 1213AAD7811660C514B8EB7376C1736A
Requests: 12 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19458%2C188429%2C197862&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=64369f81fb561724c4f54962039ede43%2F2990747796723692709&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfqz9v6skd2jye7dyyy3cd7q1kmnh209sppdnst3gm7bnwpnky0jh6y3qh3nhhpfmqtvwy21zke5wekbxa5v0hbw979w9r1epa3w2trnj8swj3h2evk2xzxvy1bhfn2xytkzcyrz3hj1ejsmw6s680xxx4sqpmk0tp7ymjc3256kwjcew18ddfhvq87bm6wf25bnk2m6bxp7p5qjs1t7c6t9v5csqr8graetcnq954wvkcsxk3z4qzv04aqff2y75txzqnzfvr87hx26eyqwt37%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2rg2VoASZOnUK8Lj7gPklKugB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMBqgSAAk_QXHnjBdlqGlDUc9kBs-Y4gHWeWKh7fFdn5sqqbJ3bcFYlNXUNokN4EEeM3fwfErcBVzFXq7ujR7O7vOyvP7OGGg0-nLRi6_1UTL6wCJuYYUikIPL5a3dUhPTrACFTWWW78m4VXYyOoXJ7Z9dYzfrXkxwDzYIfInFVaJKwY3sRS2GWoWVk3hrq9azKf6V8Lj66Fty8LvoReiAneCS3r5GEWT3yP5kOS_-tqySh3X3wMHiMXJn2CoDzfvM8jBFex20M0qtbGBW7AKDevBAD9KWm15-G_2BEl-nyBHEMs_wuBmjjmmRS9uhSZRBUftMT5fvqv_Wmd4IsdivU8AeMVAbgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pSuQS7WbIJCBaoJJQ9HIiAJecw%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Frame ID: 285FB4D509C3CDCB363632074CDBC12C
Requests: 13 HTTP requests in this frame

Frame: https://trck.trendtours.de/trck/htlp/htlp.html?utm_medium=affiliate&host=trendtours.de&pvid=641280582dc1a65b330c2175&gdpr=0&gdpr_consent=
Frame ID: 5F177743F8B37C2A92BF219DC2AE1B57
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ISTOÉ Independente

Page URL History Show full URLs

  1. http://istoe.com.br/ HTTP 301
    https://istoe.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

608
Requests

88 %
HTTPS

41 %
IPv6

85
Domains

141
Subdomains

98
IPs

12
Countries

9604 kB
Transfer

19539 kB
Size

96
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://istoe.com.br/ HTTP 301
    https://istoe.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://sb.scorecardresearch.com/cs/36204834/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 104
  • https://t.myvisualiq.net/impression_pixel?r=2023-03-16+02%3A34%3A57&et=i&ago=212&ao=993&aca=29365277&si=5791742&ci=187403626&pi=360634535&ad=551613956&advt=12325410&chnl=-7&vndr=115&sz=9675&u={AuctionID};&viq_did={device}&pt=I HTTP 302
  • https://t.myvisualiq.net/ul_cb/impression_pixel?r=2023-03-16+02%3A34%3A57&et=i&ago=212&ao=993&aca=29365277&si=5791742&ci=187403626&pi=360634535&ad=551613956&advt=12325410&chnl=-7&vndr=115&sz=9675&u={AuctionID};&viq_did={device}&pt=I
Request Chain 106
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B29365277.360634535;dc_trk_aid=551613956;dc_trk_cid=187403626;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=istoe.com.br HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B29365277.360634535;dc_pre=CNuf-fO03_0CFd-JgwcdKXMA8w;dc_trk_aid=551613956;dc_trk_cid=187403626;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=istoe.com.br
Request Chain 116
  • https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58534/occ?verify=true HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-xrGN8WJE2uEiFx_2VW7hdXfuwn3Uwy0hs0OAw.Y-~A
Request Chain 137
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=311433673BB34B5B82256424283E0853&RedC=c.clarity.ms&MXFR=1EF61144FDAB6CDF226A0392F9AB62F1 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=311433673BB34B5B82256424283E0853&MUID=095BE670DD7B69680811F4A6DC1068EB
Request Chain 178
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECPd2fM973wE9XFfShjjkhU&google_cver=1&google_push=Aa02lx_f3OChJN7fTJmKCOijZjVvUD3c9JSdDko0DtaJWGzGZMN5HE2FxBu-k-JWHiNar-nFDJJvK52IqJSPVgRFfwpniGCg3AygSQ HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECPd2fM973wE9XFfShjjkhU&google_cver=1&google_push=Aa02lx_f3OChJN7fTJmKCOijZjVvUD3c9JSdDko0DtaJWGzGZMN5HE2FxBu-k-JWHiNar-nFDJJvK52IqJSPVgRFfwpniGCg3AygSQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_f3OChJN7fTJmKCOijZjVvUD3c9JSdDko0DtaJWGzGZMN5HE2FxBu-k-JWHiNar-nFDJJvK52IqJSPVgRFfwpniGCg3AygSQ&google_hm=61oV0SubRpeZ0qD2sK8LDA==
Request Chain 180
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEA13GUoJzYIDswM3hN9v4WI&google_cver=1&google_push=Aa02lx8L9UnYwsQXRHfNWnEKlSDKv3EQq72FG6VbxfdweOEpKf9ZymNb532vXbMeMlc8BS2E4_RFCjKA6ZMOy3h7n6B-BqgcUqr39A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8L9UnYwsQXRHfNWnEKlSDKv3EQq72FG6VbxfdweOEpKf9ZymNb532vXbMeMlc8BS2E4_RFCjKA6ZMOy3h7n6B-BqgcUqr39A
Request Chain 181
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELCIdYS103sDN2VfOQLeTLw&google_cver=1&google_push=Aa02lx8pKubTrLlFzANyKP5U3G-hmbHbJfHMtHCFAX4dgaozE2nKx16YxXOm233ND9BRB7fgx-FrlCIBMH0L7G_qUTN1-empbJkLw8E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8pKubTrLlFzANyKP5U3G-hmbHbJfHMtHCFAX4dgaozE2nKx16YxXOm233ND9BRB7fgx-FrlCIBMH0L7G_qUTN1-empbJkLw8E
Request Chain 182
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMSVKeEgIoh7bYWgrqk70WY&google_cver=1&google_push=Aa02lx_MwYmfirON7m_QaGRfTSuyxb-UCt7vEwL2osZp6n5zDK0llK4KcGmYR9Yvedwmziz_ihyY1XZvsL5xxT4nColUZEYdWEv7OrQ HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx_MwYmfirON7m_QaGRfTSuyxb-UCt7vEwL2osZp6n5zDK0llK4KcGmYR9Yvedwmziz_ihyY1XZvsL5xxT4nColUZEYdWEv7OrQ&google_gid=CAESEMSVKeEgIoh7bYWgrqk70WY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NDIyMzk1MzA2MzIxMzE4Mjc5&google_push=Aa02lx_MwYmfirON7m_QaGRfTSuyxb-UCt7vEwL2osZp6n5zDK0llK4KcGmYR9Yvedwmziz_ihyY1XZvsL5xxT4nColUZEYdWEv7OrQ
Request Chain 183
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELCIdYS103sDN2VfOQLeTLw&google_cver=1&google_push=Aa02lx8trkjJr9NXmui917Nhy2GxM0hdQT3oyMhEzJX5jDcuBAjBQKd8oGig9aAEA3jqTBdCMJa2ZpO39dLn8HcOw1eTogsWlA1uUCE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8trkjJr9NXmui917Nhy2GxM0hdQT3oyMhEzJX5jDcuBAjBQKd8oGig9aAEA3jqTBdCMJa2ZpO39dLn8HcOw1eTogsWlA1uUCE HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 184
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEAxtwdx1oFb2jbY0G_bNhys&google_cver=1&google_push=Aa02lx9QrAEvdr53ePovcHQ6DyCLexyCuTTR7dGyXAGVniTSl5RY2pbxWnNqVNEmy0ZAV6Y2GO0Y7rHuOugR9v7dGnKvEKdLScch5ynJ HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEAxtwdx1oFb2jbY0G_bNhys%26google_cver%3D1%26google_push%3DAa02lx9QrAEvdr53ePovcHQ6DyCLexyCuTTR7dGyXAGVniTSl5RY2pbxWnNqVNEmy0ZAV6Y2GO0Y7rHuOugR9v7dGnKvEKdLScch5ynJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzY1NzQ5MTg1OTMwOTk0MjQ4NA%3D%3D&google_gid=CAESEAxtwdx1oFb2jbY0G_bNhys&google_cver=1&google_push=Aa02lx9QrAEvdr53ePovcHQ6DyCLexyCuTTR7dGyXAGVniTSl5RY2pbxWnNqVNEmy0ZAV6Y2GO0Y7rHuOugR9v7dGnKvEKdLScch5ynJ
Request Chain 223
  • https://um.simpli.fi/gp_match?google_gid=CAESEFmyTzcJEhLuqsQ7Ch-kiY0&google_cver=1&google_push=Aa02lx8klCZtiaBkjl1Bi7UklIGjUt_BTUANAwHh8u6kOw5PdEoRqHjjefs4VTxNQiPFkrw0qO_9xEVtE9RwXunLKU9f2-pDScOX3TnG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8ACA06350D24CF5A364B7DEDB2460F0&google_push=Aa02lx8klCZtiaBkjl1Bi7UklIGjUt_BTUANAwHh8u6kOw5PdEoRqHjjefs4VTxNQiPFkrw0qO_9xEVtE9RwXunLKU9f2-pDScOX3TnG
Request Chain 224
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEEpH1QRMm03x6LbmzZIfrMk&google_cver=1&google_push=Aa02lx_m64DqJGSWWDi60hzWmXb2qohTl0MZncT5RnNdAbs73gg1rgRzSmwSkXl25nqX1bGcTXbxoDEhL-BJT4QngoNy-WojGLZeQFeT HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GAgVF0hATGSnbxIhnH0jiA2&google_push=Aa02lx_m64DqJGSWWDi60hzWmXb2qohTl0MZncT5RnNdAbs73gg1rgRzSmwSkXl25nqX1bGcTXbxoDEhL-BJT4QngoNy-WojGLZeQFeT
Request Chain 225
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELMUqqtsQMJ9Wfm-v_c1QaU&google_cver=1&google_push=Aa02lx_a1Uhb_UkDnLkX9Cf3-OjfgizycOZx2G1cXMgkKz_J_uYCZecoHyZqC7scBJJ_kzuIbZfu9oED4Rx4cOz18w5RI1jJCK8XEsnm HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELMUqqtsQMJ9Wfm-v_c1QaU&google_cver=1&google_push=Aa02lx_a1Uhb_UkDnLkX9Cf3-OjfgizycOZx2G1cXMgkKz_J_uYCZecoHyZqC7scBJJ_kzuIbZfu9oED4Rx4cOz18w5RI1jJCK8XEsnm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTI5NzMyMzM5Njg2NjMyNzE&google_push=Aa02lx_a1Uhb_UkDnLkX9Cf3-OjfgizycOZx2G1cXMgkKz_J_uYCZecoHyZqC7scBJJ_kzuIbZfu9oED4Rx4cOz18w5RI1jJCK8XEsnm
Request Chain 226
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPn-ktZkHyw5KC3iI61lYt8&google_cver=1&google_push=Aa02lx_Hfu0QQuBYD3LSa-2CJWoY4dg3zLeurb8iNRGKl3KOJZZjrMgpKBMRU3jO2x8AdS3R-4GtohNobwMYi3SXe6xibm12pQPhVaP- HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPn-ktZkHyw5KC3iI61lYt8&google_cver=1&google_push=Aa02lx_Hfu0QQuBYD3LSa-2CJWoY4dg3zLeurb8iNRGKl3KOJZZjrMgpKBMRU3jO2x8AdS3R-4GtohNobwMYi3SXe6xibm12pQPhVaP-&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R2P-67vIS-uNSMH57vsZFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_Hfu0QQuBYD3LSa-2CJWoY4dg3zLeurb8iNRGKl3KOJZZjrMgpKBMRU3jO2x8AdS3R-4GtohNobwMYi3SXe6xibm12pQPhVaP-
Request Chain 227
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFBQAtuAAn7L_-lcaVbXVOU&google_cver=1&google_push=Aa02lx-MkxuREHQyMTAqlnyEFuSEc0uB1gpij9dU1jwHYTJyhze76QX8OuxWagxL4aVK6d1v9E8TFQDDC5f6eTC5aY3HUjx8kmkTHYL6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-MkxuREHQyMTAqlnyEFuSEc0uB1gpij9dU1jwHYTJyhze76QX8OuxWagxL4aVK6d1v9E8TFQDDC5f6eTC5aY3HUjx8kmkTHYL6
Request Chain 228
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEM4LAigo7LUa4YUhJgEvDKM&google_cver=1&google_push=Aa02lx-74QNzWMTODNUJ28o6XyOBB-W-oIOPHsaURsDzITbJM5TUg-UfhNmurMypaXgeBZVUxKFyc-h9Gfx_PzPhlke8awxqvn2sB0xvlQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1lUDJSZ2VCRTJ1RU5aNHdkRHMxYzlUcS5CUjZ5NmVIMH5B&google_push=Aa02lx-74QNzWMTODNUJ28o6XyOBB-W-oIOPHsaURsDzITbJM5TUg-UfhNmurMypaXgeBZVUxKFyc-h9Gfx_PzPhlke8awxqvn2sB0xvlQ
Request Chain 268
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOQTZoQNHdBEzsAoJA4JarA&google_cver=1&google_push=Aa02lx-k3nf8E-Rup1wnWcWIpeJIlwy7xwT1wGUsGGWqUQxqCbNmQjXr7qBqWMKoIs4fKY6E7W-_3HQBaznzn0KxzJNAOhmqzczM1UQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOQTZoQNHdBEzsAoJA4JarA&google_push=Aa02lx-k3nf8E-Rup1wnWcWIpeJIlwy7xwT1wGUsGGWqUQxqCbNmQjXr7qBqWMKoIs4fKY6E7W-_3HQBaznzn0KxzJNAOhmqzczM1UQ
Request Chain 270
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEDxrucS-iUCY8eEhVeMuwPI&google_cver=1&google_push=Aa02lx_qqQ_K_cy6Vm5YtSL5U9VcIDz5tICZjnrqiexoVq8kteXTOJuJRgyDH1-48hhTacbGf15N-_9zOuHSYPWG3lfTS1YyUZ8OU2g HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GAgVF0hATGSnbxIhnH0jiA2&google_push=Aa02lx_qqQ_K_cy6Vm5YtSL5U9VcIDz5tICZjnrqiexoVq8kteXTOJuJRgyDH1-48hhTacbGf15N-_9zOuHSYPWG3lfTS1YyUZ8OU2g
Request Chain 272
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIW1UZPUzlfK-WVqhaZeB5M&google_cver=1&google_push=Aa02lx8hQQtUj0SXyN9F3RiVprySJxK23SNk7sXd1Uoj84H35s-k9XYlo-h9elntxRYAkCBF6vn2DN3dxwO43PGDH4RKMKH10AOo4mo HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIW1UZPUzlfK-WVqhaZeB5M&google_cver=1&google_push=Aa02lx8hQQtUj0SXyN9F3RiVprySJxK23SNk7sXd1Uoj84H35s-k9XYlo-h9elntxRYAkCBF6vn2DN3dxwO43PGDH4RKMKH10AOo4mo&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8hQQtUj0SXyN9F3RiVprySJxK23SNk7sXd1Uoj84H35s-k9XYlo-h9elntxRYAkCBF6vn2DN3dxwO43PGDH4RKMKH10AOo4mo&google_hm=GUVbuGZHvBNjuENaQKekY4O-
Request Chain 273
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJLFHiO6FH9Kkb0z7QJoEgw&google_cver=1&google_push=Aa02lx_O_fWDmiZl19zlO24Eb-z0I6zs1FOOX1gq2aU4Td__lTI2z8YGEVL8nItHKWZtCTQtwBvFdS1cV0apyZCegO_-4L8YB61Qmt8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NDIyMzk1MzA2MzIxMzE4Mjc5&google_push=Aa02lx_O_fWDmiZl19zlO24Eb-z0I6zs1FOOX1gq2aU4Td__lTI2z8YGEVL8nItHKWZtCTQtwBvFdS1cV0apyZCegO_-4L8YB61Qmt8
Request Chain 292
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBQAEmbQlyIMXv9xJ8u4VAM&google_cver=1&google_push=Aa02lx-Hd8mbuevGeOqeIkSNjia9pMMGpL_7mUmAJviZYLjJQ5e3GGIxpl6vj21GgLfdgbtQGSFag2CyEMk0NyNtdhiLpXL9rUm1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx-Hd8mbuevGeOqeIkSNjia9pMMGpL_7mUmAJviZYLjJQ5e3GGIxpl6vj21GgLfdgbtQGSFag2CyEMk0NyNtdhiLpXL9rUm1&google_hm=RRHcez6TAyIA49RpZJ4gmQ
Request Chain 295
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEfhmixOfZ8McK7BNWFpeWo&google_cver=1&google_push=Aa02lx8gQv5227PO6zn3MBhy6BGTi2eodaRCAFsknpp4fd0ihza0qVwF7cMEA4DeTtCHtbm1twFmkw08Y8OSNAkQ0HlOJ3rIVFf- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R2P-67vIS-uNSMH57vsZFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8gQv5227PO6zn3MBhy6BGTi2eodaRCAFsknpp4fd0ihza0qVwF7cMEA4DeTtCHtbm1twFmkw08Y8OSNAkQ0HlOJ3rIVFf-
Request Chain 296
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELOOnR3Or4tGNfqO-ZuswaA&google_cver=1&google_push=Aa02lx85E8rOQu4lkCttf0xwdwm_bc0vg7NbMPVuYPQ3_xD5gvMbiibdmmwnrmqyFqQ6cHkYMLOGGNjeoQvbJaEHmoJQQ3Reaxs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZBSTBKS1MtMi0yV0FE&google_push=Aa02lx85E8rOQu4lkCttf0xwdwm_bc0vg7NbMPVuYPQ3_xD5gvMbiibdmmwnrmqyFqQ6cHkYMLOGGNjeoQvbJaEHmoJQQ3Reaxs
Request Chain 297
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA4gwKpoxe-yiswdCzBKdo8&google_cver=1&google_push=Aa02lx8E78Q2cUQdJ1hM_vQAEvyNdAvlfaxgLg_61Oi5ZmGA_I3NCirdDVM9-Ap8AiLpb4JhyDm3gDvy1RsMXOMoSJi50-6fJmXc HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEA4gwKpoxe-yiswdCzBKdo8&google_push=Aa02lx8E78Q2cUQdJ1hM_vQAEvyNdAvlfaxgLg_61Oi5ZmGA_I3NCirdDVM9-Ap8AiLpb4JhyDm3gDvy1RsMXOMoSJi50-6fJmXc&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA4gwKpoxe-yiswdCzBKdo8&google_hm=ZBKAVfho4sdd9xtVFr86WwAAFJkAAAIB&google_nid=index&google_push=Aa02lx8E78Q2cUQdJ1hM_vQAEvyNdAvlfaxgLg_61Oi5ZmGA_I3NCirdDVM9-Ap8AiLpb4JhyDm3gDvy1RsMXOMoSJi50-6fJmXc
Request Chain 309
  • https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa%C3%A7%C3%A3o%20e%20interesse%20geral%20do%20Brasil&mk=&il=0&limit_drop=&userid=925d32e2-f5b2-4194-978f-0a1081db4ee1&idx=&fullVersionList=&platform= HTTP 302
  • https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa%C3%A7%C3%A3o%20e%20interesse%20geral%20do%20Brasil&mk=&il=0&limit_drop=&userid=925d32e2-f5b2-4194-978f-0a1081db4ee1&idx=&fullVersionList=&platform=&_rlid=925d32e2-f5b2-4194-978f-0a1081db4ee1
Request Chain 328
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNXk4PW03_0CFXmDgwcdVK8COA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023031603350182889743761X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023031603350182889743761X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218
Request Chain 331
  • https://www.awin1.com/cshow.php?s=2470172&v=11354&q=377133&r=412871&pv=1&pref3=oneidmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1678934101_26b783c0-c3a3-11ed-b09e-2262db7920ac&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 345
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHnAlwFbwPscqDSlEey-JjY&google_cver=1&google_push=Aa02lx-0gzZCnHEgcXYEwKGec1XvgVm-nfz70FhQjOgtJxJtnT6KJeSUKmgNL-qwD2r2Je7kV5WTZYeiGU6TWm6DQ58AJTXPKFzPbq8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx-0gzZCnHEgcXYEwKGec1XvgVm-nfz70FhQjOgtJxJtnT6KJeSUKmgNL-qwD2r2Je7kV5WTZYeiGU6TWm6DQ58AJTXPKFzPbq8&google_hm=RRHcez6TAyIA49RpZJ4gmQ
Request Chain 346
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGJz2ZP4hDra7fQVXz9YQlU&google_cver=1&google_push=Aa02lx-_lGXRCS0K5OEtujV6bAMytFjciBAI95in3QuZE7iNa8BLf09JN9xe06h_0F7e7IKxHSgEsLfAjWBBnH0Ee5OrVACxuUo8t-0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGJz2ZP4hDra7fQVXz9YQlU&google_cver=1&google_push=Aa02lx-_lGXRCS0K5OEtujV6bAMytFjciBAI95in3QuZE7iNa8BLf09JN9xe06h_0F7e7IKxHSgEsLfAjWBBnH0Ee5OrVACxuUo8t-0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Mko3MkpmTWYxUENEc2g1&google_gid=CAESEGJz2ZP4hDra7fQVXz9YQlU&google_cver=1&google_push=Aa02lx-_lGXRCS0K5OEtujV6bAMytFjciBAI95in3QuZE7iNa8BLf09JN9xe06h_0F7e7IKxHSgEsLfAjWBBnH0Ee5OrVACxuUo8t-0
Request Chain 347
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIKf4UeoEEaGBKi9rDbdr_8&google_cver=1&google_push=Aa02lx_Z2Dfb_B2dRuIoCBlHEa6Cc6tpXel6ut2CTwoHssKFwr9OH7_9WOp9i3RwsPL-1GHBUlgH0W3OorbDx1lPKP8lQBEGpwXDZLI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_Z2Dfb_B2dRuIoCBlHEa6Cc6tpXel6ut2CTwoHssKFwr9OH7_9WOp9i3RwsPL-1GHBUlgH0W3OorbDx1lPKP8lQBEGpwXDZLI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIKf4UeoEEaGBKi9rDbdr_8&google_cver=1&google_push=Aa02lx_Z2Dfb_B2dRuIoCBlHEa6Cc6tpXel6ut2CTwoHssKFwr9OH7_9WOp9i3RwsPL-1GHBUlgH0W3OorbDx1lPKP8lQBEGpwXDZLI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_Z2Dfb_B2dRuIoCBlHEa6Cc6tpXel6ut2CTwoHssKFwr9OH7_9WOp9i3RwsPL-1GHBUlgH0W3OorbDx1lPKP8lQBEGpwXDZLI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 348
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJYD5oMKmYZjtcNEMl-Bafs&google_cver=1&google_push=Aa02lx8jovZP24DgUITsZR4G1N0OH8GrpZh2BDj0MJDxd-oFQZxhOFWfe8asVx2uALxGSLhwQhT_uVUv0no1_V2sXbwwNacXBXbJbiU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMDk2NzA1NTk0MzU5NjE4NQ%3D%3D&google_push=Aa02lx8jovZP24DgUITsZR4G1N0OH8GrpZh2BDj0MJDxd-oFQZxhOFWfe8asVx2uALxGSLhwQhT_uVUv0no1_V2sXbwwNacXBXbJbiU
Request Chain 349
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESECQKQjopYjV42ZBOntoa2Hg&google_cver=1&google_push=Aa02lx8dGwwJ4NXWoJT3oqPjgCtiCsbLEY6A3a60_6fBME7JYCf7VrEJcug0VrAcMfHWHL11Icnh-EY52AiWWZQJOFsDPqjAtutxJd4 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GAgVF0hATGSnbxIhnH0jiA2&google_push=Aa02lx8dGwwJ4NXWoJT3oqPjgCtiCsbLEY6A3a60_6fBME7JYCf7VrEJcug0VrAcMfHWHL11Icnh-EY52AiWWZQJOFsDPqjAtutxJd4
Request Chain 350
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIIXgMGdvZRaYTyd4cB0XqY&google_cver=1&google_push=Aa02lx-AhaLTGP8RvWlI8w3Xa9bnI6_bvLPvBiCpNROiBYGijDWG5vBRKCxTqXh6gCRrn1P7NMLS39As5qnKyev4tAmpgpghg-luhw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NDIyMzk1MzA2MzIxMzE4Mjc5&google_push=Aa02lx-AhaLTGP8RvWlI8w3Xa9bnI6_bvLPvBiCpNROiBYGijDWG5vBRKCxTqXh6gCRrn1P7NMLS39As5qnKyev4tAmpgpghg-luhw
Request Chain 351
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGbmMbRQ28tNFNl55D_HTGM&google_cver=1&google_push=Aa02lx9ZQ_HT7-z48pn2EGAgjjVBW1Ui8cvTYL5u56dSnUTIii9K8eIqBOM1HHzsqnfM6FyHQiCgYhJjwIh-lwWjrF70jIS8d44Tgz7U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9ZQ_HT7-z48pn2EGAgjjVBW1Ui8cvTYL5u56dSnUTIii9K8eIqBOM1HHzsqnfM6FyHQiCgYhJjwIh-lwWjrF70jIS8d44Tgz7U HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 353
  • https://cm.g.doubleclick.net/pixel?google_nid=retargetly_ddp&google_hm=OTI1ZDMyZTItZjViMi00MTk0LTk3OGYtMGExMDgxZGI0ZWUx&google_cm HTTP 302
  • https://app.retargetly.com/sync?pid=11&google_gid=CAESEPytLPQPPCWE_mW5ksAlaDM&google_cver=1
Request Chain 356
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3012&partner_device_id=925d32e2-f5b2-4194-978f-0a1081db4ee1&_rand=1678934101506 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3012&partner_device_id=925d32e2-f5b2-4194-978f-0a1081db4ee1&_rand=1678934101506
Request Chain 360
  • https://cms.analytics.yahoo.com/cms?partner_id=RTGLY HTTP 302
  • https://ups.analytics.yahoo.com/ups/58698/cms?partner_id=RTGLY HTTP 302
  • https://app.retargetly.com/sync?pid=22&sid=y-02dydp9E2oJm0GzNzU.I_luMjttzyjmuo.Q-~A
Request Chain 361
  • https://secure.adnxs.com/getuid?https://app.retargetly.com/sync?sid=$UID&pid=2 HTTP 302
  • https://app.retargetly.com/sync?sid=3657491859309942484&pid=2
Request Chain 362
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3a%2f%2fapp.retargetly.com%2fsync%3fpid%3d14%26sid%3d%23PM_USER_ID HTTP 302
  • https://app.retargetly.com/sync?pid=14&sid=4763FEEB-BBC8-4BEB-8D48-C1F9EEFB1915
Request Chain 366
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5Bsas_uid%5D%26pid%3D63 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://app.retargetly.com/sync?sid=[sas_uid]&pid=63&cklb=1 HTTP 302
  • https://app.retargetly.com/sync?sid=3194933628265421749
Request Chain 367
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fpid%3D74%26sid%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://app.retargetly.com/sync?pid=74&sid=[sas_uid]&cklb=1
Request Chain 389
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELLcGxWX1Aws0PVE7oFhgzk&google_cver=1&google_push=Aa02lx_pgkc2jSGr8cDC-hfS-F3Pf4L5a_8Ss9abjldK61HEsxyfbiZHtqPuWRpcVz0pWV3jU2RZX8kr8ZPvhSd7PW65bMf6FjdbXEfl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_pgkc2jSGr8cDC-hfS-F3Pf4L5a_8Ss9abjldK61HEsxyfbiZHtqPuWRpcVz0pWV3jU2RZX8kr8ZPvhSd7PW65bMf6FjdbXEfl
Request Chain 390
  • https://um.simpli.fi/gp_match?google_gid=CAESEFeFd52qQ6TJAQGHzt8tpyI&google_cver=1&google_push=Aa02lx9FryXbHlqlmLG3CZ229862yiV_Xu7reMY8EDTOGQWwiDpDxW4d5sPD13AIcWgVxJAaqEcUQerkwb-FllpZYdnmQ8Z9scSEOSE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8ACA06350D24CF5A364B7DEDB2460F0&google_push=Aa02lx9FryXbHlqlmLG3CZ229862yiV_Xu7reMY8EDTOGQWwiDpDxW4d5sPD13AIcWgVxJAaqEcUQerkwb-FllpZYdnmQ8Z9scSEOSE
Request Chain 391
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEXa-W5y2DSmp4ntb0UrPVU&google_cver=1&google_push=Aa02lx_SH8MXFFC7Cb5wWy7sdQGHg_ONuBuK-XOyNuKpK3OAcbQmHGsydKnHZYKe0Vgk8oPZjf4iu5umVUb_Q1dLj6hxBp0Plk9RhgCy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_SH8MXFFC7Cb5wWy7sdQGHg_ONuBuK-XOyNuKpK3OAcbQmHGsydKnHZYKe0Vgk8oPZjf4iu5umVUb_Q1dLj6hxBp0Plk9RhgCy&google_hm=eS0wQ2k4WUhCRTJwR19Xc29WbnBHT2NyQVBMbmpsV3ZYNn5B
Request Chain 392
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEJTsi9a5ye38OA4Nrfnaz7M&google_cver=1&google_push=Aa02lx_55hFDzJgfjnr0iDuDCe8XVq3ybdc7MaWTmmRjLV-n0C_IhcBHjFzYQWPAfXXlp-RlLu8a-QnVJoAh3WGEPmMiPhkx-rKhTzzT HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJTsi9a5ye38OA4Nrfnaz7M&google_cver=1&google_push=Aa02lx_55hFDzJgfjnr0iDuDCe8XVq3ybdc7MaWTmmRjLV-n0C_IhcBHjFzYQWPAfXXlp-RlLu8a-QnVJoAh3WGEPmMiPhkx-rKhTzzT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_55hFDzJgfjnr0iDuDCe8XVq3ybdc7MaWTmmRjLV-n0C_IhcBHjFzYQWPAfXXlp-RlLu8a-QnVJoAh3WGEPmMiPhkx-rKhTzzT
Request Chain 393
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM0HrTqQGs8ZwrzMwLBdnEA&google_cver=1&google_push=Aa02lx_5VXuj3Lpo-zvLTrJHnWWrsh86Vn07gow1h1lDMP-ptgUTk7Hn1LMYFNt7JYE48Ss2jmGKuUks0TeZYSAt8OctcBjn_ANDAIDo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTI5NzMyMzM5Njg2NjMyNzE&google_push=Aa02lx_5VXuj3Lpo-zvLTrJHnWWrsh86Vn07gow1h1lDMP-ptgUTk7Hn1LMYFNt7JYE48Ss2jmGKuUks0TeZYSAt8OctcBjn_ANDAIDo
Request Chain 394
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBErs8-v0gnZ5i-aoQTj0zc&google_cver=1&google_push=Aa02lx8uKPeA0j7CrUZhHoZAT-KTX7DulD4cqp0dTiCeRrW2UiSi2dk609wpUBbMGeaJpA3W-KO63UZo7-mJ6xOeSo6kqohjawUeqbde HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBErs8-v0gnZ5i-aoQTj0zc&google_hm=ZBKAVfho4sdd9xtVFr86WwAAFJkAAAIB&google_nid=index&google_push=Aa02lx8uKPeA0j7CrUZhHoZAT-KTX7DulD4cqp0dTiCeRrW2UiSi2dk609wpUBbMGeaJpA3W-KO63UZo7-mJ6xOeSo6kqohjawUeqbde
Request Chain 395
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESECVDA3fcN22FW-SwMWs8bds&google_cver=1&google_push=Aa02lx8coVnHHlDO4WrpR71drFfBfJNyHxCWK6-rE2BmnIb-cc3iaG5cw8AEhZYYabsYcDBDPqp8Soxm_W_23TQKM6V7S21S3MaZs9En HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx8coVnHHlDO4WrpR71drFfBfJNyHxCWK6-rE2BmnIb-cc3iaG5cw8AEhZYYabsYcDBDPqp8Soxm_W_23TQKM6V7S21S3MaZs9En&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1678934101844 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3b994b2c-63b0-47b3-9d51-5bae167327eb-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx8coVnHHlDO4WrpR71drFfBfJNyHxCWK6-rE2BmnIb-cc3iaG5cw8AEhZYYabsYcDBDPqp8Soxm_W_23TQKM6V7S21S3MaZs9En%26google_hm%3DAzuZSyxjsEeznVFbrhZzJ-s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8coVnHHlDO4WrpR71drFfBfJNyHxCWK6-rE2BmnIb-cc3iaG5cw8AEhZYYabsYcDBDPqp8Soxm_W_23TQKM6V7S21S3MaZs9En&google_hm=AzuZSyxjsEeznVFbrhZzJ-s
Request Chain 400
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIaH9_W03_0CFXaK_QcdIs4IvQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023031603350182889743775X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023031603350182889743775X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218
Request Chain 403
  • https://www.awin1.com/cshow.php?s=2470172&v=11354&q=377133&r=412871&pv=1&pref3=oneidmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1678934101_26efd1d0-c3a3-11ed-9d45-2261c3620022&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 438
  • https://um.simpli.fi/gp_match?google_gid=CAESEMBeRjSBEzF5OgSmxThLHlY&google_cver=1&google_push=Aa02lx9UzgVPSvv0onwioxKO5GVMXhxnYTPM7_56KcilsmtFwzt-i78dEeR9zd8CEnU0xxEeVHSPfM8XhHPmxXYeG3WJqLjxDkZv4uY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8ACA06350D24CF5A364B7DEDB2460F0&google_push=Aa02lx9UzgVPSvv0onwioxKO5GVMXhxnYTPM7_56KcilsmtFwzt-i78dEeR9zd8CEnU0xxEeVHSPfM8XhHPmxXYeG3WJqLjxDkZv4uY
Request Chain 439
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGTzDEZTDv90a38cJwFw8nI&google_cver=1&google_push=Aa02lx_TXxzJoIKZBee0uZRtSncYOiImIvs-rkXuKQFknUFhj05fUKMKIC-eL6eh5eew9MzDaF1v8xC_45k8ATuhBS5fQhW0eZHsiRk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_TXxzJoIKZBee0uZRtSncYOiImIvs-rkXuKQFknUFhj05fUKMKIC-eL6eh5eew9MzDaF1v8xC_45k8ATuhBS5fQhW0eZHsiRk&google_hm=ByENoGx2RMqXwURk2vgpLY0
Request Chain 440
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEI-Zy5h64n_RSir9zAFOQjY&google_cver=1&google_push=Aa02lx8M3eUgMhw325Zd82mtqwmF3Whog4wOC2kAALm_G5q2HATjRfvh1U36nKRLimkq3R-mu9ozYMeuhtK0TFsVFJ0oyjg5wI2hhZw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMDk2NzA1NTk0MzU5NjE4NQ%3D%3D&google_push=Aa02lx8M3eUgMhw325Zd82mtqwmF3Whog4wOC2kAALm_G5q2HATjRfvh1U36nKRLimkq3R-mu9ozYMeuhtK0TFsVFJ0oyjg5wI2hhZw
Request Chain 441
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHDfcIaEAAEnDscBpDYTEYs&google_cver=1&google_push=Aa02lx9CjXAaBpBpWRrKRiet7WZEvg7t3dDquwcRT68ChmqSmHtczt-9Ve7yvSuCPYcBt31H7c_z_EAWC33Ilfzce2cd9TwfjsQ19Rg HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329524710691937&expires=30&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9CjXAaBpBpWRrKRiet7WZEvg7t3dDquwcRT68ChmqSmHtczt-9Ve7yvSuCPYcBt31H7c_z_EAWC33Ilfzce2cd9TwfjsQ19Rg&google_hm=61oV0SubRpeZ0qD2sK8LDA==
Request Chain 442
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEI5ks1LqCig4iYCZL3TMt7Q&google_cver=1&google_push=Aa02lx_tK56n9RTm-XmkiOopFwjg8J5DmN-kaH3qE59l3He3ugbCy9erzd25epiKDCoXNUjfamV8mvlPe93IdRjK6p6jsG5Pn1iBkw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_tK56n9RTm-XmkiOopFwjg8J5DmN-kaH3qE59l3He3ugbCy9erzd25epiKDCoXNUjfamV8mvlPe93IdRjK6p6jsG5Pn1iBkw
Request Chain 443
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJnIis-XYbXTwgFSCG8-YDM&google_cver=1&google_push=Aa02lx9gvHhzR2WZFNTPaO3se6l8cZoyyBBlsqMTHsVFe6ylaaDGXwKoHeHd_DxEv1a4Wwz_a_eQTuF-7FQNfGBNwQeGKT7ySglsUdiM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx9gvHhzR2WZFNTPaO3se6l8cZoyyBBlsqMTHsVFe6ylaaDGXwKoHeHd_DxEv1a4Wwz_a_eQTuF-7FQNfGBNwQeGKT7ySglsUdiM HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 480
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEKtMdyNsrH9eU_fyNx6BYw&google_cver=1&google_push=Aa02lx97Q6Diry8Fn8K7uGMAUxApGxqcExF7Fsz6lHI9LVjY-YDoWjQoubtHnoHHL-BPQR_wIcaSudHzJzYmsXxUbhW2vPpEMDfK6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx97Q6Diry8Fn8K7uGMAUxApGxqcExF7Fsz6lHI9LVjY-YDoWjQoubtHnoHHL-BPQR_wIcaSudHzJzYmsXxUbhW2vPpEMDfK6w&google_hm=RRHcez6TAyIA49RpZJ4gmQ
Request Chain 482
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENk3HyCfST4ozEZMGyLCzdA&google_cver=1&google_push=Aa02lx-lezr5GyVutY-JtT_EmpxWlrUrFVGztv7pEXgOjEbSgpyrnqb91J5QY8BHA6tRb5NV58aGIodjSoGq_D8Tvi96liTj_g4L HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R2P-67vIS-uNSMH57vsZFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-lezr5GyVutY-JtT_EmpxWlrUrFVGztv7pEXgOjEbSgpyrnqb91J5QY8BHA6tRb5NV58aGIodjSoGq_D8Tvi96liTj_g4L
Request Chain 483
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMPXCZwxfyLrOaJB_cdfmvM&google_cver=1&google_push=Aa02lx82FK1PHwTD6iIH7F6VU6A0ijoZY_oZl2Y-tk5RopIRAjy1nZIGWzZRIaINC583R2QkPcZqr5qsqsciyo4Z87kY0mzXH2FK HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx82FK1PHwTD6iIH7F6VU6A0ijoZY_oZl2Y-tk5RopIRAjy1nZIGWzZRIaINC583R2QkPcZqr5qsqsciyo4Z87kY0mzXH2FK&google_hm=GUVbuGZHvBNjuENaQKekY4O-
Request Chain 484
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMBPexfjrSUFe_hyznI5s-E&google_cver=1&google_push=Aa02lx9BvUz9g13sjntri_hSkto29Kab0DVQpluTMTrFaPkE_i47rzCHezGOIFN6-TgyIiBSUmlrD0jghuqUzWdRbhASsn48RYTSRg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NDIyMzk1MzA2MzIxMzE4Mjc5&google_push=Aa02lx9BvUz9g13sjntri_hSkto29Kab0DVQpluTMTrFaPkE_i47rzCHezGOIFN6-TgyIiBSUmlrD0jghuqUzWdRbhASsn48RYTSRg
Request Chain 485
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJV6SruycOmJSKK4BCJA5-Q&google_cver=1&google_push=Aa02lx88aL0vguIlkP1aof6ezJqIQhpIy5TWW25wXBJ6ifLDAG0A__PfJcxnFT8h1IsdDqx3hjqCaPkkeH245XxovdDiHJB8nfaj4yQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzY1NzQ5MTg1OTMwOTk0MjQ4NA%3D%3D&google_gid=CAESEJV6SruycOmJSKK4BCJA5-Q&google_cver=1&google_push=Aa02lx88aL0vguIlkP1aof6ezJqIQhpIy5TWW25wXBJ6ifLDAG0A__PfJcxnFT8h1IsdDqx3hjqCaPkkeH245XxovdDiHJB8nfaj4yQ
Request Chain 486
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOIkVCMiOzMkjBEVZWIPkYc&google_cver=1&google_push=Aa02lx8UdgqrvDegEJfKfEopWUs6pEikYCELVT-WkuLdGVMOgSk8sQ3HujdiKHYLoeRV5c9ns0hriphI4A7f8HOieQYPUht-q4I7Yng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=eb5a15d1-2b9b-4697-99d2-a0f6b0af0b0c&%%GOOGLE_PUSH_PAIR%%
Request Chain 503
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=981741&produktid=&dt_url=
Request Chain 506
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wVoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMvpnva03_0CFd-JgwcdKXMA8w;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wVoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wVoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1678934102_278470b0-c3a3-11ed-b339-2265b7c46fb7
Request Chain 553
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEUxbFy4soK4lqZ-LRl_66I&google_cver=1&google_push=Aa02lx8YB5icXhGYzgihRiLkQJaBvZ8kzQbHYoFNUImArIOEWiUzGSQs2EMvT5uIp7-uNtxlnXMSCMrBKaEJHHrSexS_Ev0qYiXL_Rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx8YB5icXhGYzgihRiLkQJaBvZ8kzQbHYoFNUImArIOEWiUzGSQs2EMvT5uIp7-uNtxlnXMSCMrBKaEJHHrSexS_Ev0qYiXL_Rg&google_hm=RRHcez6TAyIA49RpZJ4gmQ
Request Chain 555
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJzgAIR_hINzXxip4X4uho4&google_cver=1&google_push=Aa02lx__CcWlNVJJwMEdL_5ieiAZTMUDUtDByYis7qy3LMPAefHiWwPd6G4aOjrs6gcssgIALvl0VD-XUXiLc8NW7RgYoZTTZOCt5x0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx__CcWlNVJJwMEdL_5ieiAZTMUDUtDByYis7qy3LMPAefHiWwPd6G4aOjrs6gcssgIALvl0VD-XUXiLc8NW7RgYoZTTZOCt5x0&google_hm=eS0wQ2k4WUhCRTJwR19Xc29WbnBHT2NyQVBMbmpsV3ZYNn5B
Request Chain 562
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJzgAIR_hINzXxip4X4uho4&google_cver=1&google_push=Aa02lx_LDznFGjsiGNG6gNY5sHGoTyg1TGJkeGCspbz4f5s4CyXUCllPsy_nr8ec1QjSqfdek74SyexzBLuie1SJoUaRcc53V66uK7s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_LDznFGjsiGNG6gNY5sHGoTyg1TGJkeGCspbz4f5s4CyXUCllPsy_nr8ec1QjSqfdek74SyexzBLuie1SJoUaRcc53V66uK7s&google_hm=eS0wQ2k4WUhCRTJwR19Xc29WbnBHT2NyQVBMbmpsV3ZYNn5B
Request Chain 572
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJzgAIR_hINzXxip4X4uho4&google_cver=1&google_push=Aa02lx9lRVbCtcMkafb7UrCQak30inzoTputGLQpQUtrwwyQM-u-8MXnmprO0cOqIbVvRzbDtPTonrCeIJGt3QSg8YNsH9OlyWGGK9s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9lRVbCtcMkafb7UrCQak30inzoTputGLQpQUtrwwyQM-u-8MXnmprO0cOqIbVvRzbDtPTonrCeIJGt3QSg8YNsH9OlyWGGK9s&google_hm=eS0wQ2k4WUhCRTJwR19Xc29WbnBHT2NyQVBMbmpsV3ZYNn5B
Request Chain 609
  • https://www.awin1.com/cshow.php?s=2524318&v=11420&q=392147&r=412871&pv=1&pref3=oneidxmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1678934103_2829d870-c3a3-11ed-b09e-2262db7920ac
Request Chain 623
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D112793V1226132702M%26subid%3DviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJic9_a03_0CFQR44AodYDUGpA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D112793V1226132702M%26subid%3DviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=112793V1226132702M&subid=viewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=112793V1226132702M&subid=viewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=112793&s_id=2023031603350482889743889X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023031603350482889743889X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=112793&partnerid=12218
Request Chain 626
  • https://www.awin1.com/cshow.php?s=2470172&v=11354&q=377133&r=412871&pv=1&pref3=oneidmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1678934103_28301a00-c3a3-11ed-b00f-2238801674a3&insert=AW&&gdpr=0&gdpr_consent=

608 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
istoe.com.br/
Redirect Chain
  • http://istoe.com.br/
  • https://istoe.com.br/
142 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.85.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.85.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
25ff32c841b0ac53eadf452556acbf0a39003b22e76ed8999dc3f0e6b626bf44

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=60, must-revalidate, proxy-revalidate
content-encoding
gzip
content-length
20656
content-type
text/html; charset=UTF-8
date
Thu, 16 Mar 2023 02:34:51 GMT
link
<https://istoe.com.br/wp-json/>; rel="https://api.w.org/" <https://istoe.com.br/wp-json/wp/v2/pages/209230>; rel="alternate"; type="application/json" <https://istoe.com.br/>; rel=shortlink </wp-content/cache/minify/64cb4.js?x65938>; rel=preload; as=script </wp-content/cache/minify/56d32.js?x65938>; rel=preload; as=script </wp-content/cache/minify/91082.js?x65938>; rel=preload; as=script </wp-content/cache/minify/677c1.js?x65938>; rel=preload; as=script </wp-content/cache/minify/1615d.js?x65938>; rel=preload; as=script </wp-content/cache/minify/65c9f.css?x65938>; rel=preload; as=style </wp-content/cache/minify/6a103.css?x65938>; rel=preload; as=style </wp-content/cache/minify/98c56.css?x65938>; rel=preload; as=style
pragma
public
referrer-policy
no-referrer-when-downgrade
server
nginx
vary
Accept-Encoding
via
1.1 google

Redirect headers

Cache-Control
private
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 Mar 2023 02:34:55 GMT
Location
https://istoe.com.br:443/
64cb4.js
istoe.com.br/wp-content/cache/minify/ 		101 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://istoe.com.br/wp-content/cache/minify/64cb4.js?x65938
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.85.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.85.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4b2c328c46e103a5d90c398c1c868b9b1029dda79e1ff1d66d3e99832bc937ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Mar 2023 02:34:42 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
via
1.1 google
server
nginx
age
14
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=60, must-revalidate, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35026
56d32.js
istoe.com.br/wp-content/cache/minify/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://istoe.com.br/wp-content/cache/minify/56d32.js?x65938
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.85.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.85.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Mar 2023 02:34:01 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
via
1.1 google
server
nginx
age
55
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=60, must-revalidate, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1377
91082.js
istoe.com.br/wp-content/cache/minify/ 		553 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://istoe.com.br/wp-content/cache/minify/91082.js?x65938
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.85.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.85.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
509a5e08a83663773a51eb656b46edc477ffa4a3f687c50d39e2d906e24e6742

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Mar 2023 02:34:15 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
via
1.1 google
server
nginx
age
41
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=60, must-revalidate, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
158119
677c1.js
istoe.com.br/wp-content/cache/minify/ 		1012 B
527 B 		Script
General
Check archive.org
Download Go to
Full URL
https://istoe.com.br/wp-content/cache/minify/677c1.js?x65938
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.85.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.85.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c75c9e749da12f7783eaccace3576f58ffd66b5d4deed0d43b8bd84d493f17a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Mar 2023 02:34:22 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
via
1.1 google
server
nginx
age
34
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=60, must-revalidate, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
436
1615d.js
istoe.com.br/wp-content/cache/minify/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://istoe.com.br/wp-content/cache/minify/1615d.js?x65938
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.85.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.85.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Mar 2023 02:34:44 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
via
1.1 google
server
nginx
age
12
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=60, must-revalidate, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2356
65c9f.css
istoe.com.br/wp-content/cache/minify/ 		106 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://istoe.com.br/wp-content/cache/minify/65c9f.css?x65938
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.85.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.85.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
60dc19da06b0a7e96d376a3b26d529581d8b146408e070c4af5a54ba73730946

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Mar 2023 02:34:20 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
via
1.1 google
server
nginx
age
36
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=60, must-revalidate, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14596
6a103.css
istoe.com.br/wp-content/cache/minify/ 		58 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://istoe.com.br/wp-content/cache/minify/6a103.css?x65938
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.85.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.85.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
89c4b9ec6341e4f66063430dc2c5956e1363d681eefdb6235654ce51150f3787

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Mar 2023 02:34:17 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
via
1.1 google
server
nginx
age
39
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=60, must-revalidate, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13931
98c56.css
istoe.com.br/wp-content/cache/minify/ 		218 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://istoe.com.br/wp-content/cache/minify/98c56.css?x65938
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.85.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.85.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
72473fce79bb30e1f8563e9aeb6c3b1d57916eaeb8d3196ec67db3dcd650e378

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Mar 2023 02:34:08 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
via
1.1 google
server
nginx
age
48
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=60, must-revalidate, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55836
lazyload.min.js
istoe.com.br/wp-content/plugins/w3-total-cache/pub/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://istoe.com.br/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js?x65938
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.85.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.85.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Mar 2023 02:28:19 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
via
1.1 google
server
nginx
age
397
etag
W/"63eed96c-1883"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600, must-revalidate, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2356
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2dc460864a60ac3ce89c4c6fab1c62ef9171ac1365cc47aa8aca95ecb06f0cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 Mar 2023 02:34:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 01:32:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Mar 2023 02:34:56 GMT
css2
fonts.googleapis.com/ 		14 KB
937 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e162d427904ff2a6ab71a99d3ba1dad74557f27fc763cade590a9e2894507aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 Mar 2023 02:34:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 01:26:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Mar 2023 02:34:56 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ 		157 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1879276
x-jsd-version
4.5.3
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230071-FRA, cache-yyz4541-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovldxrLpKYRNJDE%2Fi3uUbCQ2L8aGVW5LA2Z8F3FfYBuKlr1EnPzFGElNXlvD4UcH5rafJxrHdniSha0YTscTPPaFvgB88eGsBUl5nzEt%2FQXrL5dj6mGW4WmBXAyC%2Btk0zV%2BGy1SH86gHo%2Fev2XM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7a8999947e66bba4-FRA
jquery.min.js
cdn.jsdelivr.net/npm/jquery@3.4.1/dist/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/jquery@3.4.1/dist/jquery.min.js?ver=1
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1879276
x-jsd-version
3.4.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230115-FRA, cache-yyz4533-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"15851-iFI5JDUbrAtdVg/gxXgeJVbnaT0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8q8twGUTgC1o0SgP86uXFu8Lu2q4VJKCMnUs0U0oZeZuXDzDsUKKHdtbfRvOgFlP9RRTWdJzF28k7cj25E0p8dx8gN%2F5oqpin%2BmfuJobvhhhNyoa7bJHq5RgRk14Nx%2BYbZZWpRDcRYYLEWh9ew%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7a8999947e67bba4-FRA
home
istoe.com.br/@nave/client/1de9cd2d-d7cf-46be-be01-dc5e25d29577/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://istoe.com.br/@nave/client/1de9cd2d-d7cf-46be-be01-dc5e25d29577/home
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.85.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.85.201.35.bc.googleusercontent.com
Software
/
Resource Hash
0e7570b4fbe6a40102d4187d13a43ad7435b1567fa5e7a8752570ebda68b58a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:34:56 GMT
content-encoding
br
via
1.1 google
surrogate-control
no-store
vary
accept-encoding
content-type
text/plain
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3ec1618d3e929668626e7cc9f6c958f654c4dccfe32bd1f517833cc000feeab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27421
x-xss-protection
0
server
sffe
etag
"1512 / 143 of 1000 / last-modified: 1678929173"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Mar 2023 02:34:56 GMT
js
www.googletagmanager.com/gtag/ 		220 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6VP0875DQD
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
64933d456b5e4866153b8f365d1e41f11406f378c864c3aaa373a970707069b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78740
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 16 Mar 2023 02:34:56 GMT
333e575b-b844-4016-9eba-647f67f3829b.js
cdn.pn.vg/sites/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pn.vg/sites/333e575b-b844-4016-9eba-647f67f3829b.js
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
307ac4e6b6a2621ed8e34bee06198a23b1ea0deedd0f9a3b156527afc777763d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:56 GMT
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P5
age
2700
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 26 Jan 2023 10:26:18 GMT
server
cloudflare
etag
W/"8e69d7a51df1cb2b7ad9bc632d4177e7"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, PUT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PEDL%2BwOeR4jrJ6juJqpjqfeG9P26a1LGwAkaUMK0iIdyiT2AUmN2Yq1Mn5jZRw1VkUEna6SoyB3juDENx9f538U7rpkFKZwYB3RxAzFEgZ7Xq%2BTrZ9CMcxan9T6hnj7sfbi7Clql7CY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=14400
cf-ray
7a899997fdb6383b-FRA
x-amz-cf-id
NPxrDtaVAKakCQQ5Dg3jtXYRE-7SpJMlC7A4U8e5hey-VEVeEkkahg==
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1879278
x-jsd-version
4.5.3
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA, cache-jnb7024-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2Dk05PLKecFwNDnDl%2BxD6b8LfoUi7B15chO4X21kgW%2BxHp5BubkC0HYNU4cDiVt3DYKr8y4mtcrHZxxEFsrZaxH0zgNWvpWssxT6AG6zZw1Tb%2BPj4ToBJFBd06Y%2Bew3QHpangO5OeFfMKRnQ98%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7a899994cea2bba4-FRA
fmk1om34jg
www.clarity.ms/tag/ 		989 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/fmk1om34jg?ref=wordpress
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
26b9853d4c1f427ff83cc49649e43ba00c51c0e9ce8c6315e081a07e5b2072e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
date
Thu, 16 Mar 2023 02:34:56 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
20230316T023456Z-wvzcqkmkdp6zhecfv1d27pv2r800000002eg00000000695r
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/36204834/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:24:36 GMT
content-encoding
gzip
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 10:02:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
621
etag
W/"77ff4ede4693897337a38594321529a3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
fLieVtjunD2ispTPCo3tJrxjhlXvE7IHYKrxyePWu2GW_v2XhhCiZQ==

Redirect headers

location
/internal-cs/default/beacon.js
date
Thu, 16 Mar 2023 02:34:56 GMT
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
0
x-amz-cf-id
x8FDsTe_pKrfdSJMkITL2OcQbefZl3il5LYVwABfpKUzZXTG05DN9g==
x-cache
Miss from cloudfront
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 16 Mar 2023 01:19:33 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4523
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 16 Mar 2023 03:19:33 GMT
loader.js
cdn.taboola.com/libtrc/editora3-isto/ 		767 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/editora3-isto/loader.js
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46a1b42078127593fb34049ba9f365868d00f467d6e063dd5dc22c875b493abb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
ECHP1bw3i9ElJnCNK8IYB0CmKjHiLfBT
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 Mar 2023 02:34:56 GMT
x-amz-request-id
N3SVA3XJDSMCEWJ8
age
21
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
66031
x-amz-id-2
5ZHMXMn7a13Hv3XogAMWvRgJwyAbXzbV8PKkwLvV18JFtAAUtkZVUreV42aslmDJNYYNmMu8p/Y=
x-served-by
cache-fra-eddf8230115-FRA
last-modified
Wed, 15 Mar 2023 15:40:20 GMT
server
AmazonS3
x-timer
S1678934097.633991,VS0,VE1
etag
"466e782e8e773ea42786b475e7e81517"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
87
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
newsroom.js
c2.taboola.com/nr/editora3-isto/ 		69 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c2.taboola.com/nr/editora3-isto/newsroom.js
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
524cd3c4415a6c441a525b4aec6d7e9e646a772b1d4a1b0f4542af8afc1eedf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 Mar 2023 02:34:56 GMT
x-amz-request-id
806MBDM5K06XKQVC
age
4929
x-cache
HIT
content-length
17951
x-amz-id-2
jVZFwSJjO2hiDVd/VqLjF1XNCx7OPeq1KWEBf4LQXu5lNhBmpWhJ4EIoSChryRLDvsvvBjdAQLk=
x-served-by
cache-fra-eddf8230058-FRA
last-modified
Fri, 25 Feb 2022 07:01:36 GMT
server
AmazonS3
x-timer
S1678934097.647946,VS0,VE0
etag
"7a3522abd67dd43350e84c5289977259"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
x-cache-hits
7
truncated
/ 		64 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32daaa0657957a007d7d94f46bba205842696c8b949ce3cf57f7d00d801763c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8070057bdc406fec3f7b52344d540a184f0736adbba929eca535f863a09bf5fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c361ebb1e9689b81da1aeaa9b98be9213b44f5eb91fcb03c334e9adc74f568f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		70 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
acfaaf62bff0119246c65258ed4eddfff3758441c562b3726627e377d6939118

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3391b26fd634859b900670bddcdd8ef22a819e3581da050f15f48c85a15ba5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18f670c55099b0297f8ddcd2643c875e7e110735c243132be3024987a570a1a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a1c97585f425281e30abeb95848a24b4c1f4cdaf9b8d48cf277506eaaa14822

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
61bc145fd9ca1411c9df0257cfe7f00dc3512468758629964b32282796e66809

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2fa2ef9406bdb147fd9fb4a7c9b56b5dea19c564eafd4a23042c75e1a3525c60

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84bf33dd9b7a3abb832df0242421046af95f5df2f7b09c252845e0d32954efe7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da3a4546a0e448401be0bb03316a63462b069f64ed89fd23add5547f030aa4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eab654b386bb47c394b35f37115c3d2948a65054fade065ccf5ab7f31c4f05f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c6f59568daa92440b86989c65cd80e534bdb6790431dbf46ed34e6bad60b652

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
835e2796b1d55eb0719b1b32f9e6cbe3e1a05282aae3e0f8bf09698c4459d4b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bf862f3586f612ddb5751eb35d4e67ea6719bd5049fd103a606f303a025ca1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f52c5bc0af7b23f7551662bab58f752ab673b009c02f698a9551754205e3b02

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e28d81fc3b74855453de9484728dc93e842efaaccab3225a9b0cc8f5dca66eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e5993455d9c1d2babbfcbd2c9936b267fe88b5d597769a2aff8b7ce7f249b6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a3ace891cf7e0135ad8d40c8c235e14f302551c725c7ecfa865aa413ccb0116

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10f2c22d2623cf0907fe0aefb6b4a3f6541cf26dcc2384f30368ae84efff23d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		70 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9bf2adc3ae5ecf1c7fa745647da2c3329af91b190f09595892ab898b9aecfb1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18e97c6cf4c5689618ee5d8697b8220e83afdb3d61e6eb286dde3f4f6ceb59c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2e8930ff9454192c7ceff3e0e3bcb1172023f1099ed5c8b102e92e14053e34a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d9ca545ec9e7aa79774bbefcd55d2017f02871a4b6d44d7da78f7848cf660cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75e0fe33a139622cde1d4bacdef52e609e623b514c56b113c69568fa16c23a12

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a00a64df8993a9d7aa7262eed9a569c9f6d07ca1a5629d06bded50c7a8b8b16f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbfd118ad6c8f1a956742866e7095a877ed1537e0d7d9260fb8258bb0de25758

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46167936be0033190267bdf9bec4c9c6045bc5a256ca6c3ab6e465f47b13b012

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b474932f970242e4c0f4d2c4f7caf944b9820583f6c3f23043b82bad1d6cb414

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0009480b1873bd79f5081f2a3c029af6f0a7f03c5902fae0bb7e757610ee736e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		70 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e19d3bfb9acd7e4b17f931546a8502f703675e65dc8be6d63dd18774c15b416b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		70 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fcd9c6914994e93cb40df3a8d7b1fe98ae2d07dde566f9a2a6468f503f54e8ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1fe885f298481ea960ea9ea519b5a57a9338534d53c668d807a4077713391e8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://istoe.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 09:17:36 GMT
x-content-type-options
nosniff
age
580640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Mar 2024 09:17:36 GMT
ilabspush.min.js
cdn.pn.vg/push/ 		186 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pn.vg/push/ilabspush.min.js
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/sites/333e575b-b844-4016-9eba-647f67f3829b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c21c555767cc7534fbeeb7cffcbdabe1427c714fe961addf92a50c2242bdb7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:56 GMT
via
1.1 1cea41348481b3edf706fcd9a48d6eea.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MAN51-P1
age
2756
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 09 Feb 2023 15:13:20 GMT
server
cloudflare
etag
W/"3255877cd62ee31402d4624df4e16c62"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYCJvKOvoivqCz%2Bfer%2BVbn8dlrPs7xeetkbCG987pKgT%2FiW%2FVIoYCWO%2F%2BfG1hjAQ7Sji2XFj2OzMyN%2BMYVY96B25SzmjWfpOhdUI40nmcQctAfHTcjdpTU%2BK8mgyjFc%2FOwsaq7PaRa8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
7a8999986e14383b-FRA
x-amz-cf-id
biIz2N0j9HLGH1bRZRZ-KKYNpJZ4YUmp2p9XscZTdPuv1CfjV3ycFw==
load.js
widget.perfectmarket.com/editora3-isto/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/editora3-isto/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editora3-isto/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1693c45f95e0ff8cac55b57471d5a05cbd0c15a6c6df89f7cb78710ea7897f52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
qx1AxQ_S7eLSQkl3moWNhc.cgLCz_V85
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Thu, 16 Mar 2023 02:34:57 GMT
x-amz-request-id
W45ZYB5T6849MJJM
age
0
x-cache
HIT, HIT
content-length
1208
x-amz-id-2
cPc5ypNQDeW1R2NB6oMfpSRsqxecQoqlNmykcPA9T1ywmgT6qWIXN1ncgdiyeC9VPmPnBUerdeg=
x-served-by
cache-bur-kbur8200156-BUR, cache-fra-eddf8230029-FRA
last-modified
Fri, 03 Apr 2020 10:34:43 GMT
server
AmazonS3
x-timer
S1678934097.780510,VS0,VE304
etag
"b04c64b5073c66c5abef7805dd8e44a1"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
1611, 1
impl.20230315-12-RELEASE.js
cdn.taboola.com/libtrc/ 		737 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230315-12-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editora3-isto/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
99900bf577463f5efda7b945e5c39a3a2a9b5b73ac7738103b8044f8fb947b3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
mE1dQZLmhyEvCZbQN0xSnKE.5ryPhiqu
content-encoding
br
via
1.1 varnish
date
Thu, 16 Mar 2023 02:34:56 GMT
x-amz-request-id
TH8SRP91690W70BY
age
27561
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
157052
x-amz-id-2
Ripv1K/kqqhX7uCdUVI6CbFOvRzFQZqbJIYYSk1q9Dv8na3hBRF8i/f9Eia8a+gXMa4NFAVwkm0=
x-served-by
cache-fra-eddf8230115-FRA
last-modified
Wed, 15 Mar 2023 10:55:26 GMT
server
AmazonS3-br
x-timer
S1678934097.745541,VS0,VE0
etag
"88f947878e99ceb3dd93e1ad3b30a950"
vary
Accept-Encoding
content-type
application/javascript
abp
90
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
58627
get-action
nr-events.taboola.com/newsroom/1.0/editora3-isto/ 		132 B
297 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nr-events.taboola.com/newsroom/1.0/editora3-isto/get-action?page.url=https%3A%2F%2Fistoe.com.br%2F&view.id=121499113709608992&page.template=home&page.dashboard=home
Requested by
Host: c2.taboola.com
URL: https://c2.taboola.com/nr/editora3-isto/newsroom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cc78fd70080002caf2043cdb48109d0b6e234a8adf6171b05a2ff05e98b95b11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230115-FRA
tbl-x-upstream
10.44.7.206:8080
date
Thu, 16 Mar 2023 02:34:56 GMT
via
1.1 varnish
server
nginx
x-timer
S1678934097.782234,VS0,VE9
x-cache
MISS
content-type
application/json;charset=UTF-8
accept-ranges
bytes
content-length
132
x-application-context
front-page-event-server:production
x-cache-hits
0
b
sb.scorecardresearch.com/ 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=36204834&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1678934096767&ns_c=UTF-8&c7=https%3A%2F%2Fistoe.com.br%2F&c8=ISTO%C3%89%20Independente&c9=
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:56 GMT
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
se6v7_umyPFyIKy0wxKSDzYlM4ls43Rt9X9wkEgM8yJt3zo75oQIcQ==
x-cache
Miss from cloudfront
b
sb.scorecardresearch.com/ 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1678934096768&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fistoe.com.br%2F&c8=ISTO%C3%89%20Independente&c9=
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:56 GMT
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
bwaGOfaN-UmtCN6ZRqVIR9uAqafWjhC5CsCS006iv3ms3Ih1JZa1Vg==
x-cache
Miss from cloudfront
logo-istoe.svg
istoe.com.br/wp-content/themes/project_theme/assets/img/svg/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://istoe.com.br/wp-content/themes/project_theme/assets/img/svg/logo-istoe.svg?x65938
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.85.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.85.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
805c41178b1d12c73f2148a882a353c8a09d35a4c28e063d650f76192cadea84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Mar 2023 00:53:40 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
via
1.1 google
server
nginx
age
6076
etag
W/"62e9db84-fb0"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400, must-revalidate, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1592
96-280x304.jpg
istoe.com.br/wp-content/uploads/2023/03/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://istoe.com.br/wp-content/uploads/2023/03/96-280x304.jpg?x65938
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.85.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.85.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
817c9dba862a4f671cc1be8f5fa2140573624a385aba91f57886879f024b2534

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Mar 2023 00:27:29 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
server
nginx
age
7647
etag
"640a54bb-7fb9"
content-type
image/jpeg
cache-control
public, max-age=86400, must-revalidate, proxy-revalidate
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32697
simple-three-in-a-row-1.jpg
istoe.com.br/wp-content/uploads/2023/03/ 		129 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://istoe.com.br/wp-content/uploads/2023/03/simple-three-in-a-row-1.jpg
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.85.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.85.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4d35e3fa390ee51c342095e08a8836cb29c856ed6837fc5a27696370888f7af3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Wed, 15 Mar 2023 20:57:49 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
server
nginx
age
20227
etag
"64107ce6-202a1"
content-type
image/jpeg
cache-control
public, max-age=86400, must-revalidate, proxy-revalidate
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131745
tagreuters.com2023binary_LYNXMPEJ2E13X-VIEWIMAGE-e1678924859167.jpg
istoe.com.br/wp-content/uploads/Reuters_Direct_Media/BrazilOnlineReportBusinessNews/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://istoe.com.br/wp-content/uploads/Reuters_Direct_Media/BrazilOnlineReportBusinessNews/tagreuters.com2023binary_LYNXMPEJ2E13X-VIEWIMAGE-e1678924859167.jpg
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.85.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.85.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ea0d57dcc546fffa9e2bbde3d288e070bc7e03faf2de62646a9e8e48b329c3ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Mar 2023 02:34:56 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
server
nginx
etag
"64125c3b-3ce0"
content-type
image/jpeg
cache-control
public, max-age=86400, must-revalidate, proxy-revalidate
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15584
tagreuters.com2023binary_LYNXMPEJ0708H-VIEWIMAGE-e1673646254373.jpg
istoe.com.br/wp-content/uploads/Reuters_Direct_Media/BrazilOnlineReportTopNews/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://istoe.com.br/wp-content/uploads/Reuters_Direct_Media/BrazilOnlineReportTopNews/tagreuters.com2023binary_LYNXMPEJ0708H-VIEWIMAGE-e1673646254373.jpg?x65938
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.85.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.85.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
767def4400888535d13656a65f72f6d4643aad075e9de6b74e6f346ebc7b9522

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Wed, 15 Mar 2023 21:12:35 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
server
nginx
age
19341
etag
"63c1d0ae-3034"
content-type
image/jpeg
cache-control
public, max-age=86400, must-revalidate, proxy-revalidate
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12340
13-2.jpg
istoe.com.br/wp-content/uploads/2022/11/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://istoe.com.br/wp-content/uploads/2022/11/13-2.jpg
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.85.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.85.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
45e86c861e11ddebad2e2fb03c9ce1da22888214925a48ba3701bf7cad4a7cb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Mar 2023 02:28:57 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
server
nginx
age
359
etag
"636d3dfe-85d3"
content-type
image/jpeg
cache-control
public, max-age=86400, must-revalidate, proxy-revalidate
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34259
c981d6b1efe057a5f6a57f61230d6e24ce031d58-1.jpg
istoe.com.br/wp-content/uploads/2017/05/ 		178 KB
178 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://istoe.com.br/wp-content/uploads/2017/05/c981d6b1efe057a5f6a57f61230d6e24ce031d58-1.jpg?x65938
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.85.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.85.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
8884b30509550a89db99d440457a129e6495d5414a2a761ca6b7c2443d220e81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Wed, 15 Mar 2023 21:12:37 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
server
nginx
age
19339
etag
"5c6b8b55-2c74d"
content-type
image/jpeg
cache-control
public, max-age=86400, must-revalidate, proxy-revalidate
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
182093
benzema-e1678917599231.jpg
istoe.com.br/wp-content/uploads/2023/03/ 		252 KB
252 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://istoe.com.br/wp-content/uploads/2023/03/benzema-e1678917599231.jpg
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.85.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.85.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e4eb7f40c46d814caf5748fc98e27ca8be758f1c82ecb7c1cfc9a61e06a74e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Wed, 15 Mar 2023 22:14:00 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
server
nginx
age
15656
etag
"64123fdf-3ee92"
content-type
image/jpeg
cache-control
public, max-age=86400, must-revalidate, proxy-revalidate
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
257682
nikolas-ferreira-datena.jpg
istoe.com.br/wp-content/uploads/2023/03/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://istoe.com.br/wp-content/uploads/2023/03/nikolas-ferreira-datena.jpg?x65938
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.85.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.85.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0b7a2e22390448cbf35083cdb344b2badf44642e8e79e4fcdcf5437bb39b0635

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Wed, 15 Mar 2023 21:12:39 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
server
nginx
age
19337
etag
"6412232c-18232"
content-type
image/jpeg
cache-control
public, max-age=86400, must-revalidate, proxy-revalidate
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98866
imposto_de_renda_calculo_cred_ebc_640x360.jpg
istoe.com.br/wp-content/uploads/2017/03/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://istoe.com.br/wp-content/uploads/2017/03/imposto_de_renda_calculo_cred_ebc_640x360.jpg?x65938
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.85.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.85.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2b717dac1235911b8c75e72b4a069871eea2c13244d0097a5202cb12053bd061

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Wed, 15 Mar 2023 10:54:52 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
server
nginx
age
56404
etag
"5c6b8836-a084"
content-type
image/jpeg
cache-control
public, max-age=86400, must-revalidate, proxy-revalidate
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41092
collect
www.google-analytics.com/j/ 		4 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1946241729&t=pageview&_s=1&dl=https%3A%2F%2Fistoe.com.br%2F&ul=en-us&de=UTF-8&dt=ISTO%C3%89%20Independente&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=2066340023&gjid=176366859&cid=1307452278.1678934097&tid=UA-10912487-1&_gid=1495439294.1678934097&_r=1&_slc=1&cg1=Homepage&z=214803003
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:34:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://istoe.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1946241729&t=pageview&_s=1&dl=https%3A%2F%2Fistoe.com.br%2F&ul=en-us&de=UTF-8&dt=ISTO%C3%89%20Independente&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=1804110643&gjid=968976617&cid=1307452278.1678934097&tid=UA-12962565-11&_gid=1495439294.1678934097&_r=1&_slc=1&z=261393746
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:34:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://istoe.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
333e575b-b844-4016-9eba-647f67f3829b.json
osp-assets.pn.vg/ 		21 B
763 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://osp-assets.pn.vg/333e575b-b844-4016-9eba-647f67f3829b.json
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
deb68e16777fefa7c5ab4cefd475b2b9e9afaae5d243535a8eccc89c7fa3c17b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TDAYZ5ST61JVEVZ0
age
546488
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21
x-amz-id-2
WxrY+3yPb2rKOj40Y4M7l0XlurI4ZDxN8JBp4b2IKI06DzbPS132VQBIzhkB89QnOFekkxRA7o4=
last-modified
Wed, 01 Jun 2022 18:17:05 GMT
server
cloudflare
etag
"7e49c47a75dd2571802e6b32b46a36ac"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, PUT
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfqVCDWCZ9JLyf3QZzTAGRZtlYyoANAyM4JZ5qcNdGCMxwfBKXRgj%2Bb%2F2W358JRONjzDDmWzgT9oSw4Ri012F0AFZA19jMEG739AlrzJvXOZ71JLNHLVXZD4TezLWtPAYBnaQjSbN6xF8cc8Y9H7"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7a8999995bbf9208-FRA
PushnewsSubscriptionSDK.js
cdn.pn.vg/push/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pn.vg/push/PushnewsSubscriptionSDK.js
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6169b737eda8164703eb60af8bbd410b54f46f10a9ddc68e5ca254be5735b0b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:56 GMT
via
1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P5
age
2152
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Mar 2023 19:00:32 GMT
server
cloudflare
etag
W/"3f4fa8e50359f9cceca7110e52f507d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qMvs5MMGgWssBDpRefKyWwBYaxSjUXynke0e1obVJw%2BAeg3qcCvzokz%2F2Cp0Jc7uqqMRlS4JULoxu9RUsGciiECWDVmPKhaslQW4Omyzq5zHzyjE9i%2F1FjJrb5SbfMJQhe4sMENncQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
7a89999908f59137-FRA
x-amz-cf-id
_77RQ8VQMO3UN2mDNJCascu9_9ZoxJcMkGMgF1I4JK2mRh2J4DLxvg==
notify-impression
nr-events.taboola.com/newsroom/1.0/editora3-isto/ 		0
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nr-events.taboola.com/newsroom/1.0/editora3-isto/notify-impression?page.url=https%3A%2F%2Fistoe.com.br%2F&view.id=121499113709608992&page.template=home&page.dashboard=home
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230115-FRA
tbl-x-upstream
10.45.29.4:8080
date
Thu, 16 Mar 2023 02:34:56 GMT
via
1.1 varnish
server
nginx
x-timer
S1678934097.812812,VS0,VE9
x-cache
MISS
accept-ranges
bytes
x-application-context
front-page-event-server:production
x-cache-hits
0
pubads_impl_2023031301.js
securepubads.g.doubleclick.net/gpt/ 		397 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb7d39384f8a58e23c5e8c78b974aabb9cd28238d451301a12b43c321783fe6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 18:27:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136873
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 08:34:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Mar 2024 18:27:41 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		675 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=istoe.com.br
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c703ef4f6731be9421772c5ffbf073435cb7e77e24ad44f39c43baaf8b8d0106
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
308
x-xss-protection
0
expires
Thu, 16 Mar 2023 02:34:56 GMT
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230315-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:55 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
546449
expires
60
json
trc.taboola.com/editora3-isto/trc/3/ 		87 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/editora3-isto/trc/3/json?tim=02%3A34%3A56.872&lti=deflated&data=%7B%22id%22%3A213%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1678894808427%2C%22vi%22%3A1678934096870%2C%22cv%22%3A%2220230315-12-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fistoe.com.br%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fistoe.com.br%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A12201%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A10%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Home%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Home%20Thumbnails%22%2C%22cd%22%3A11872.359375%2C%22mw%22%3A1248%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Home%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230315-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bb508102b59a34d9277dc9348b9d82d9a67b44cfa56531608ee4e98d9dcb850b

Request headers

Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
584
date
Thu, 16 Mar 2023 02:34:57 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-fra-eddf8230058-FRA
server
nginx
x-timer
S1678934097.883792,VS0,VE584
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://istoe.com.br
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
collect
stats.g.doubleclick.net/j/ 		4 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-10912487-1&cid=1307452278.1678934097&jid=2066340023&gjid=176366859&_gid=1495439294.1678934097&_u=YEBAAEAAAAAAACAAI~&z=1425779530
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 16 Mar 2023 02:34:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://istoe.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-12962565-11&cid=1307452278.1678934097&jid=1804110643&gjid=968976617&_gid=1495439294.1678934097&_u=YEDAAEABAAAAACAAI~&z=1008420828
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 16 Mar 2023 02:34:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://istoe.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/eus2-sc/s/0.7.2/ 		56 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2-sc/s/0.7.2/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/fmk1om34jg?ref=wordpress
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
99b523edd72385876c466fc061393829b08dec3aa544963373b22a08fb97784f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:56 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
etag
W/"1d9569c9fccb81c"
vary
Accept-Encoding
x-azure-ref
20230316T023456Z-wvzcqkmkdp6zhecfv1d27pv2r800000002eg00000000696y
content-type
application/javascript;charset=utf-8
x-cache
TCP_HIT
cache-control
public, max-age=86400
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-6VP0875DQD&gtm=45je33f0h2&_p=1946241729&cid=1307452278.1678934097&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678934096&sct=1&seg=0&dl=https%3A%2F%2Fistoe.com.br%2F&dt=ISTO%C3%89%20Independente&en=page_view&_fv=1&_ss=1&_c=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6VP0875DQD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:34:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://istoe.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		220 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LNVZMYDN5E&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6VP0875DQD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
28db2f4e432c31ae09610efd9306a554f8016753b25d6f1c5851387f7ae26da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78738
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 16 Mar 2023 02:34:56 GMT
reply
istoe.com.br/@nave/gateway/ 		459 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://istoe.com.br/@nave/gateway/reply?navtrackdata=%7B%22clientip%22:%22185.213.155.141%22,%22timestamp%22:1678934096,%22source%22:%221de9cd2d-d7cf-46be-be01-dc5e25d29577%22,%22slug%22:%22home%22,%22nvtags%22:%5B%5D,%22url%22:%22https://istoe.com.br/%22,%22uuid%22:%222951747d-9d43-4561-8c90-a13622701503%22,%22refuuid%22:%222951747d-9d43-4561-8c90-a13622701503%22,%22hostname%22:%22istoe.com.br%22,%22pathname%22:%22/%22%7D
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/@nave/client/1de9cd2d-d7cf-46be-be01-dc5e25d29577/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.85.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
150.85.201.35.bc.googleusercontent.com
Software
/
Resource Hash
0b3fc7c6e9295f03e0a46e2abbb4f10fdf3e47e11717a252346a336a4bdc42f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:57 GMT
content-encoding
br
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
accept-encoding
content-type
text/plain; charset=utf-8
/
b.smrk.io/api/public/geolocation/UaIUuQR5a1vmYEZDK0maG6SIcUjTk5tGj2Yj/ 		484 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.smrk.io/api/public/geolocation/UaIUuQR5a1vmYEZDK0maG6SIcUjTk5tGj2Yj/
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.121.178.25 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
31edea158d5cbb71e8151feb75b806d1dc6a54f249137f3a46cbe082cdaf2fe6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 16 Mar 2023 02:34:57 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Max-Age
86400
Connection
keep-alive
Access-Control-Allow-Method
GET, OPTIONS
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-10912487-1&cid=1307452278.1678934097&jid=2066340023&_u=YEBAAEAAAAAAACAAI~&z=652144881
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:34:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-10912487-1&cid=1307452278.1678934097&jid=2066340023&_u=YEBAAEAAAAAAACAAI~&z=652144881
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:34:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LNVZMYDN5E&gtm=45je33d0&_p=1946241729&cid=1307452278.1678934097&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678934097&sct=1&seg=0&dl=https%3A%2F%2Fistoe.com.br%2F&dt=ISTO%C3%89%20Independente&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LNVZMYDN5E&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:34:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://istoe.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pmk-202003261.3.js
widget.perfectmarket.com/editora3-isto/ 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/editora3-isto/pmk-202003261.3.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/editora3-isto/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c7bbddc37a3f2283e54f6e7032fde6792042b05b9b0d745103414890bdb38a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
LCAe1iru.EHzQK2x8Kw0Ifg0XmlmRfED
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Thu, 16 Mar 2023 02:34:57 GMT
x-amz-request-id
5X73X6EB2S450TP9
age
2543598
x-cache
HIT, HIT
content-length
30933
x-amz-id-2
dsFoiLXdwKM+iyuB92FWvXBLEKnUoKqrLl3qB5WremYbe8FAWHvxssLjI565nQlKDP1baQVIygE=
x-served-by
cache-bur-kbur8200049-BUR, cache-fra-eddf8230029-FRA
last-modified
Fri, 03 Apr 2020 10:34:43 GMT
server
AmazonS3
x-timer
S1678934097.439325,VS0,VE0
etag
"3fe89470106e41f87c05803708a7cb1a"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
6820, 2
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/editora3-isto/pmk-202003261.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 01:19:33 GMT
content-encoding
gzip
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
4524
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
UnOSV_go_UUhaWsF_YGb1wNMtC52U_aAAoFrsYKAgvaQjxVUkfFK7w==
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.9.9/ 		111 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230315-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0a7b78b741975a40bcc99c4b89e39855248aa76b3c8d639c8dc39245ebe1441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:57 GMT
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
923407
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
30995
x-served-by
cache-fra-eddf8230058-FRA
last-modified
Sun, 05 Mar 2023 10:04:45 GMT
server
AmazonS3
x-timer
S1678934098.509330,VS0,VE0
etag
"c04a240008c67910556582d1bf159ad7"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
hb8k5qTx84vjvnZKLEByyGLQ8mj--ue9G2l1Fxf9ze3Xeud14VgcLA==
x-cache-hits
61597
feed-card-placeholder.20230315-12-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230315-12-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editora3-isto/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0c1247d011ef6b72df5b51079773f6083bb91bc6794ad930048c02bee33a102

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
AZQXdKtR6Y7NiFHQMyexKR1uHT1AhoZB
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 Mar 2023 02:34:57 GMT
x-amz-request-id
D7PCYJ706F543W11
age
34690
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1263
x-amz-id-2
E0vQSxPhLbx1DWs5wmIppJTbTDgGhnCt8ldFBFeNbQLcjeEmYiUAqTpScyI8iWZEVaUrvuwDx64=
x-served-by
cache-fra-eddf8230115-FRA
last-modified
Wed, 15 Mar 2023 16:56:47 GMT
server
AmazonS3
x-timer
S1678934098.518383,VS0,VE0
etag
"19bbe793779dd3115a09032d35d1cadc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
90
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
70586
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 Mar 2023 02:34:57 GMT
x-amz-request-id
YCPN939ZR6JJT6WN
age
82
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
yzGHlw/rdsJZxfwjmgR6mRS1ezwFJNkMwxyepEPhwn4b63VEpi0BN5pw+o7ibBuFdbDoYdZBCes=
x-served-by
cache-fra-eddf8230115-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1678934098.530942,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
90
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
25
userx.20230315-12-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230315-12-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editora3-isto/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ddd2742a2731662ccdca36a6e38d16e73dfc076a3e4dd688aa339e52b4e16383

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
Yx0MVbFMdWUeFxOCDM46ed4dhStaMEAX
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 Mar 2023 02:34:57 GMT
x-amz-request-id
520Q9DGGSKCYC5VV
age
34896
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5399
x-amz-id-2
Abt6LQ2gXRG1mpj8vgIwzk9HgLIsgKCBjqmoOrtNfo6t2YwWlmh3kuxezyqJ7GykFWWWZCf10fg=
x-served-by
cache-fra-eddf8230115-FRA
last-modified
Wed, 15 Mar 2023 16:53:22 GMT
server
AmazonS3
x-timer
S1678934098.537332,VS0,VE0
etag
"5c6b1ff4d7c9e9280b905d918e307e5e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
90
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
12119
cta-component.20230315-12-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20230315-12-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editora3-isto/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ccc2819d34ec2b6caa5270cbb37f0906078e4773ffe19dc2fa7cc858f79555a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
MbO9ybbpCJ_QNmzgGnbZey8s93kzQj8v
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 Mar 2023 02:34:57 GMT
x-amz-request-id
S3ERRJHKQZX815E1
age
34696
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4739
x-amz-id-2
P5mF3AquVtDcBYAfnhXoAWvscIBJIQdnHY9AVaxLBFgE/iOcoMuBFdtadlER0KkKQe79DV7lZGU=
x-served-by
cache-fra-eddf8230115-FRA
last-modified
Wed, 15 Mar 2023 16:56:41 GMT
server
AmazonS3
x-timer
S1678934098.543065,VS0,VE0
etag
"e5733b48a71f01beb666336fa999c6c3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
90
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
61351
abtests
trc.taboola.com/editora3-isto/log/3/ 		0
131 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/editora3-isto/log/3/abtests?route=AM:AM:V&tvi2=10406&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1678934097561%7D&tim=02%3A34%3A57.561&id=9017&llvl=2&ri=dec463e8f8702ac592e9bd1979a39ae1&sd=v2_27cc81510dd1224858b14d83fd11dd93_c647f624-debf-4148-ba73-3d112299c401-tuctb0c05d0_1678934096_1678934096_CIi3jgYQpqVFGOb3lMLuMCABKAEwODib4wlAiYoQSMOz2QNQ____________AVgAYABo6t-6o5P9iuX9AXAA&ui=c647f624-debf-4148-ba73-3d112299c401-tuctb0c05d0&pi=/&wi=-8333092029798277823&pt=home&vi=1678934096870&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230315-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 16 Mar 2023 02:34:57 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230058-FRA
server
nginx
x-timer
S1678934098.559989,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://istoe.com.br
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
1c493a69bcec8342ea52f1aadca5867a.png
cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/1c493a69bcec8342ea52f1aadca5867a.png
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa3793a5e6df811a91f9ff6c0750934f41712b5330a6756aa37f573ad1d78df1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
88Kt8pNlUfzMDll827UD6yk8aTEDvf5d
date
Thu, 16 Mar 2023 02:34:57 GMT
via
1.1 varnish
x-amz-request-id
DXRQRVPGPZZVWSQR
age
0
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
18203
x-amz-id-2
NMlNvGQDu71737MNFjqT2hkutssq+FYBMxi/zFnKjhqzB0oo53Y18GztxPdkivAG9VtTreIbVnw=
x-served-by
cache-fra-eddf8230115-FRA
last-modified
Tue, 20 Mar 2018 18:03:18 GMT
server
AmazonS3
x-timer
S1678934098.561102,VS0,VE185
etag
"96d750ae479cc9000e6ee07cb7791181"
content-type
image/png
abp
90
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1
abtests
am-trc-events.taboola.com/editora3-isto/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/editora3-isto/log/3/abtests?route=AM:AM:V&tvi2=10406&lti=deflated&ri=dec463e8f8702ac592e9bd1979a39ae1&sd=v2_27cc81510dd1224858b14d83fd11dd93_c647f624-debf-4148-ba73-3d112299c401-tuctb0c05d0_1678934096_1678934096_CIi3jgYQpqVFGOb3lMLuMCABKAEwODib4wlAiYoQSMOz2QNQ____________AVgAYABo6t-6o5P9iuX9AXAA&ui=c647f624-debf-4148-ba73-3d112299c401-tuctb0c05d0&pi=/&wi=-8333092029798277823&pt=home&vi=1678934096870&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1678934097541%7D&tim=02%3A34%3A57.541&id=8387&llvl=2&cv=20230315-12-RELEASE&
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 16 Mar 2023 02:34:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
impression_pixel
t.myvisualiq.net/ul_cb/
Redirect Chain
  • https://t.myvisualiq.net/impression_pixel?r=2023-03-16+02%3A34%3A57&et=i&ago=212&ao=993&aca=29365277&si=5791742&ci=187403626&pi=360634535&ad=551613956&advt=12325410&chnl=-7&vndr=115&sz=9675&u={Auct...
  • https://t.myvisualiq.net/ul_cb/impression_pixel?r=2023-03-16+02%3A34%3A57&et=i&ago=212&ao=993&aca=29365277&si=5791742&ci=187403626&pi=360634535&ad=551613956&advt=12325410&chnl=-7&vndr=115&sz=9675&u...
43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.myvisualiq.net/ul_cb/impression_pixel?r=2023-03-16+02%3A34%3A57&et=i&ago=212&ao=993&aca=29365277&si=5791742&ci=187403626&pi=360634535&ad=551613956&advt=12325410&chnl=-7&vndr=115&sz=9675&u={AuctionID};&viq_did={device}&pt=I
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
HTTP/1.1
Server
54.183.1.6 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-1-6.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Thu, 16 Mar 2023 02:34:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://t.myvisualiq.net/ul_cb/impression_pixel?r=2023-03-16+02%3A34%3A57&et=i&ago=212&ao=993&aca=29365277&si=5791742&ci=187403626&pi=360634535&ad=551613956&advt=12325410&chnl=-7&vndr=115&sz=9675&u={AuctionID};&viq_did={device}&pt=I
Date
Thu, 16 Mar 2023 02:34:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
visit.jpg
tps.doubleverify.com/ 		0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps.doubleverify.com/visit.jpg?ctx=3758893&cmp=29365277&sid=5791742&plc=360634535&adsrv=1&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:34:57 GMT
Cache-Control
max-age=0
Connection
keep-alive
Expires
03/15/2023 02:34:57
B29365277.360634535;dc_pre=CNuf-fO03_0CFd-JgwcdKXMA8w;dc_trk_aid=551613956;dc_trk_cid=187403626;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B29365277.360634535;dc_trk_aid=551613956;dc_trk_cid=187403626;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;...
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B29365277.360634535;dc_pre=CNuf-fO03_0CFd-JgwcdKXMA8w;dc_trk_aid=551613956;dc_trk_cid=187403626;ord=[timestamp];dc_lat=;dc_rdid=;...
42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B29365277.360634535;dc_pre=CNuf-fO03_0CFd-JgwcdKXMA8w;dc_trk_aid=551613956;dc_trk_cid=187403626;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=istoe.com.br
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:34:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:34:57 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B29365277.360634535;dc_pre=CNuf-fO03_0CFd-JgwcdKXMA8w;dc_trk_aid=551613956;dc_trk_cid=187403626;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=istoe.com.br
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
p.clarity.ms/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-sc/s/0.7.2/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://istoe.com.br
Date
Thu, 16 Mar 2023 02:34:57 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
social
am-trc-events.taboola.com/editora3-isto/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/editora3-isto/log/3/social?route=AM:AM:V&tvi2=10406&lti=deflated&ri=dec463e8f8702ac592e9bd1979a39ae1&sd=v2_27cc81510dd1224858b14d83fd11dd93_c647f624-debf-4148-ba73-3d112299c401-tuctb0c05d0_1678934096_1678934096_CIi3jgYQpqVFGOb3lMLuMCABKAEwODib4wlAiYoQSMOz2QNQ____________AVgAYABo6t-6o5P9iuX9AXAA&ui=c647f624-debf-4148-ba73-3d112299c401-tuctb0c05d0&pi=/&wi=-8333092029798277823&pt=home&vi=1678934096870&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fistoe.com.br%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Home%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=02%3A34%3A57.580&id=9226&llvl=2&cv=20230315-12-RELEASE&
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 16 Mar 2023 02:34:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/editora3-isto/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/editora3-isto/log/3/abtests?route=AM:AM:V&tvi2=10406&lti=deflated&ri=dec463e8f8702ac592e9bd1979a39ae1&sd=v2_27cc81510dd1224858b14d83fd11dd93_c647f624-debf-4148-ba73-3d112299c401-tuctb0c05d0_1678934096_1678934096_CIi3jgYQpqVFGOb3lMLuMCABKAEwODib4wlAiYoQSMOz2QNQ____________AVgAYABo6t-6o5P9iuX9AXAA&ui=c647f624-debf-4148-ba73-3d112299c401-tuctb0c05d0&pi=/&wi=-8333092029798277823&pt=home&vi=1678934096870&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1678934097594%7D&tim=02%3A34%3A57.594&id=1192&llvl=2&cv=20230315-12-RELEASE&
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 16 Mar 2023 02:34:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
st
imprammp.taboola.com/ Frame F392 		546 B
506 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7VG8CFgPW4ebAeYgwoQTW4ebAeYgwoQUAAAAGBvQHJGbxWCyuicUt8syWa9HMZlxLHJORWzlZ7WaWxcgw8q2MQGIWj8XimljcIs9suRbNbMa1xDEZuZWT1W5mWYwMI9_KChzGcpkMaoGEZfb7DkK-22UQFV1vi93hNHveUIGm0-Fz3euVntPfZdf43XaJ5S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4Dsrw8J5fdHwAAAAAgAAAAACQAA_a1JQAVa3Un__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0Mr5SafGw-4bkQFwkWMAAAAAHKrNxuPJnVCZVH1___fbwVwBQAQYIhexGORpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEmHri0oK64EjVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwOQZar1WAymcwOAAAA4O7___9fD0R2G49xsVoMRibHZDIaroYTx2hk3MxMjsXI5Nxs71g3-J-zVQSlz0NYZr_vIOS7XQZR0fW22B1Os-cgPmgYlpNBML8JW4xWk8lmOZwtF5PBcDQcjfY3EIvFACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcY22s1sk9Fa5LLY3KLFaLiWOHybtWbkWEwmy-XGNFisRa-P6WLYGFYjwxYFA0T2InlapBORy2OabVbGmXE3mCw8ruVk5ZyYHMvdcuFZLlyOiViiOVmkE9llX9ltPMbFajEYmRyTyWi4Gk4co5FxMzM5FiOTc7Pv2Ea7mW0yWotcFptbtBgN1xKHb7PWjByLyWS53JgGi7Xo9TFdDBvDamTYN2a74XIzGixn-8ZsN1xuRoPlbN9hMj1Tn7NReNxqPD7FM3aTWW8Og8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-LbRW7Z3DZpL17G5IDYYFLFEcJFOVCan6W95eNZKz-lvEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_ceHGK7mksVmrlit5orRYpUAAAAAAAAAAJYwZ94EAAAA4DSQ1XI3W63zIEaDzW62Wi5AhJSp7s-xXMhZxi70LqMW-vwET0dQcePHDWVymv6Wh2et9Jz-VgaIkCpl3vyZINZqtawBAAAEsAEAAAK4dfMWmDrF_____8cBAADIyNEDAADQ7wNdwY9eK_TE8RfEYDTbDQ!&cmcv=&pix=undefined&cb=1678934097916&uv=3261&tms=1678934097916&abt=nonrv_vA!prp_vC!prp_vC!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=fbcbb5bb-d369-4ff8-b12d-9257f21d0d7e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
27bd01c8e79dcd85fd696e9d10581f0414f22dc14eb57d48cd8e2d129d275e42

Request headers

Referer
https://istoe.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 16 Mar 2023 02:34:57 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230115-FRA
x-timer
S1678934098.917039,VS0,VE9
sync
am-match.taboola.com/ Frame BEE8 		564 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7VG8CFgPW4ebAeYgwoQTW4ebAeYgwoQUAAAAGBvQHJGbxWCyuicUt8syWa9HMZlxLHJORWzlZ7WaWxcgw8q2MQGIWj8XimljcIs9suRbNbMa1xDEZuZWT1W5mWYwMI9_KChzGcpkMaoGEZfb7DkK-22UQFV1vi93hNHveUIGm0-Fz3euVntPfZdf43XaJ5S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4Dsrw8J5fdHwAAAAAgAAAAACQAA_a1JQAVa3Un__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0Mr5SafGw-4bkQFwkWMAAAAAHKrNxuPJnVCZVH1___fbwVwBQAQYIhexGORpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEmHri0oK64EjVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwOQZar1WAymcwOAAAA4O7___9fD0R2G49xsVoMRibHZDIaroYTx2hk3MxMjsXI5Nxs71g3-J-zVQSlz0NYZr_vIOS7XQZR0fW22B1Os-cgPmgYlpNBML8JW4xWk8lmOZwtF5PBcDQcjfY3EIvFACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcY22s1sk9Fa5LLY3KLFaLiWOHybtWbkWEwmy-XGNFisRa-P6WLYGFYjwxYFA0T2InlapBORy2OabVbGmXE3mCw8ruVk5ZyYHMvdcuFZLlyOiViiOVmkE9llX9ltPMbFajEYmRyTyWi4Gk4co5FxMzM5FiOTc7Pv2Ea7mW0yWotcFptbtBgN1xKHb7PWjByLyWS53JgGi7Xo9TFdDBvDamTYN2a74XIzGixn-8ZsN1xuRoPlbN9hMj1Tn7NReNxqPD7FM3aTWW8Og8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-LbRW7Z3DZpL17G5IDYYFLFEcJFOVCan6W95eNZKz-lvEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_ceHGK7mksVmrlit5orRYpUAAAAAAAAAAJYwZ94EAAAA4DSQ1XI3W63zIEaDzW62Wi5AhJSp7s-xXMhZxi70LqMW-vwET0dQcePHDWVymv6Wh2et9Jz-VgaIkCpl3vyZINZqtawBAAAEsAEAAAK4dfMWmDrF_____8cBAADIyNEDAADQ7wNdwY9eK_TE8RfEYDTbDQ!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
4b0acb5b956e0838f74b55d4693710c5f2f5fb43d6ad98609eb2882ad7df92eb

Request headers

Referer
https://istoe.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 16 Mar 2023 02:34:57 GMT
machineid
3402
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
921 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1678934097922&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1507&pt=230030327&tz=0&viewable=true&ddast=V7VG8CFgPW4ebAeYgwoQTW4ebAeYgwoQUAAAAGBvQHJGbxWCyuicUt8syWa9HMZlxLHJORWzlZ7WaWxcgw8q2MQGIWj8XimljcIs9suRbNbMa1xDEZuZWT1W5mWYwMI9_KChzGcpkMaoGEZfb7DkK-22UQFV1vi93hNHveUIGm0-Fz3euVntPfZdf43XaJ5S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4Dsrw8J5fdHwAAAAAgAAAAACQAA_a1JQAVa3Un__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0Mr5SafGw-4bkQFwkWMAAAAAHKrNxuPJnVCZVH1___fbwVwBQAQYIhexGORpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEmHri0oK64EjVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwOQZar1WAymcwOAAAA4O7___9fD0R2G49xsVoMRibHZDIaroYTx2hk3MxMjsXI5Nxs71g3-J-zVQSlz0NYZr_vIOS7XQZR0fW22B1Os-cgPmgYlpNBML8JW4xWk8lmOZwtF5PBcDQcjfY3EIvFACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcY22s1sk9Fa5LLY3KLFaLiWOHybtWbkWEwmy-XGNFisRa-P6WLYGFYjwxYFA0T2InlapBORy2OabVbGmXE3mCw8ruVk5ZyYHMvdcuFZLlyOiViiOVmkE9llX9ltPMbFajEYmRyTyWi4Gk4co5FxMzM5FiOTc7Pv2Ea7mW0yWotcFptbtBgN1xKHb7PWjByLyWS53JgGi7Xo9TFdDBvDamTYN2a74XIzGixn-8ZsN1xuRoPlbN9hMj1Tn7NReNxqPD7FM3aTWW8Og8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-LbRW7Z3DZpL17G5IDYYFLFEcJFOVCan6W95eNZKz-lvEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_ceHGK7mksVmrlit5orRYpUAAAAAAAAAAJYwZ94EAAAA4DSQ1XI3W63zIEaDzW62Wi5AhJSp7s-xXMhZxi70LqMW-vwET0dQcePHDWVymv6Wh2et9Jz-VgaIkCpl3vyZINZqtawBAAAEsAEAAAK4dfMWmDrF_____8cBAADIyNEDAADQ7wNdwY9eK_TE8RfEYDTbDQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=8&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1403765&dpubid=259765&abtst=nonrv_vA!prp_vC!prp_vC!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fistoe.com.br&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
53f294492662b2285c7ba665b7e1fa88407de3db2ba4bb7587e597842a59a531

Request headers

Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Thu, 16 Mar 2023 02:34:58 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1429
x-cache
MISS
x-served-by
cache-fra-eddf8230115-FRA
pragma
no-cache
server
nginx
x-timer
S1678934098.928013,VS0,VE135
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://istoe.com.br
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7VG8CFgPW4ebAeYgwoQTW4ebAeYgwoQUAAAAGBvQHJGbxWCyuicUt8syWa9HMZlxLHJORWzlZ7WaWxcgw8q2MQGIWj8XimljcIs9suRbNbMa1xDEZuZWT1W5mWYwMI9_KChzGcpkMaoGEZfb7DkK-22UQFV1vi93hNHveUIGm0-Fz3euVntPfZdf43XaJ5S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4Dsrw8J5fdHwAAAAAgAAAAACQAA_a1JQAVa3Un__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0Mr5SafGw-4bkQFwkWMAAAAAHKrNxuPJnVCZVH1___fbwVwBQAQYIhexGORpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEmHri0oK64EjVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwOQZar1WAymcwOAAAA4O7___9fD0R2G49xsVoMRibHZDIaroYTx2hk3MxMjsXI5Nxs71g3-J-zVQSlz0NYZr_vIOS7XQZR0fW22B1Os-cgPmgYlpNBML8JW4xWk8lmOZwtF5PBcDQcjfY3EIvFACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcY22s1sk9Fa5LLY3KLFaLiWOHybtWbkWEwmy-XGNFisRa-P6WLYGFYjwxYFA0T2InlapBORy2OabVbGmXE3mCw8ruVk5ZyYHMvdcuFZLlyOiViiOVmkE9llX9ltPMbFajEYmRyTyWi4Gk4co5FxMzM5FiOTc7Pv2Ea7mW0yWotcFptbtBgN1xKHb7PWjByLyWS53JgGi7Xo9TFdDBvDamTYN2a74XIzGixn-8ZsN1xuRoPlbN9hMj1Tn7NReNxqPD7FM3aTWW8Og8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-LbRW7Z3DZpL17G5IDYYFLFEcJFOVCan6W95eNZKz-lvEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_ceHGK7mksVmrlit5orRYpUAAAAAAAAAAJYwZ94EAAAA4DSQ1XI3W63zIEaDzW62Wi5AhJSp7s-xXMhZxi70LqMW-vwET0dQcePHDWVymv6Wh2et9Jz-VgaIkCpl3vyZINZqtawBAAAEsAEAAAK4dfMWmDrF_____8cBAADIyNEDAADQ7wNdwY9eK_TE8RfEYDTbDQ!&cmcv=&pix=31589837&cb=1678934097915&uv=3261&tms=1678934097915&abt=nonrv_vA!prp_vC!prp_vC!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1678934095531.3!ts:1678934097915&mntl=1
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:57 GMT
content-length
0
server
nginx
sync
taboola-supply-partners.tremorhub.com/ Frame F392 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7VG8CFgPW4ebAeYgwoQTW4ebAeYgwoQUAAAAGBvQHJGbxWCyuicUt8syWa9HMZlxLHJORWzlZ7WaWxcgw8q2MQGIWj8XimljcIs9suRbNbMa1xDEZuZWT1W5mWYwMI9_KChzGcpkMaoGEZfb7DkK-22UQFV1vi93hNHveUIGm0-Fz3euVntPfZdf43XaJ5S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4Dsrw8J5fdHwAAAAAgAAAAACQAA_a1JQAVa3Un__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0Mr5SafGw-4bkQFwkWMAAAAAHKrNxuPJnVCZVH1___fbwVwBQAQYIhexGORpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEmHri0oK64EjVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwOQZar1WAymcwOAAAA4O7___9fD0R2G49xsVoMRibHZDIaroYTx2hk3MxMjsXI5Nxs71g3-J-zVQSlz0NYZr_vIOS7XQZR0fW22B1Os-cgPmgYlpNBML8JW4xWk8lmOZwtF5PBcDQcjfY3EIvFACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcY22s1sk9Fa5LLY3KLFaLiWOHybtWbkWEwmy-XGNFisRa-P6WLYGFYjwxYFA0T2InlapBORy2OabVbGmXE3mCw8ruVk5ZyYHMvdcuFZLlyOiViiOVmkE9llX9ltPMbFajEYmRyTyWi4Gk4co5FxMzM5FiOTc7Pv2Ea7mW0yWotcFptbtBgN1xKHb7PWjByLyWS53JgGi7Xo9TFdDBvDamTYN2a74XIzGixn-8ZsN1xuRoPlbN9hMj1Tn7NReNxqPD7FM3aTWW8Og8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-LbRW7Z3DZpL17G5IDYYFLFEcJFOVCan6W95eNZKz-lvEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_ceHGK7mksVmrlit5orRYpUAAAAAAAAAAJYwZ94EAAAA4DSQ1XI3W63zIEaDzW62Wi5AhJSp7s-xXMhZxi70LqMW-vwET0dQcePHDWVymv6Wh2et9Jz-VgaIkCpl3vyZINZqtawBAAAEsAEAAAK4dfMWmDrF_____8cBAADIyNEDAADQ7wNdwY9eK_TE8RfEYDTbDQ!&cmcv=&pix=undefined&cb=1678934097916&uv=3261&tms=1678934097916&abt=nonrv_vA!prp_vC!prp_vC!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=fbcbb5bb-d369-4ff8-b12d-9257f21d0d7e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:a5fb:d412:b74d:aafb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Thu, 16 Mar 2023 02:34:58 GMT
server
Apache-Coyote/1.1
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame F392 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7VG8CFgPW4ebAeYgwoQTW4ebAeYgwoQUAAAAGBvQHJGbxWCyuicUt8syWa9HMZlxLHJORWzlZ7WaWxcgw8q2MQGIWj8XimljcIs9suRbNbMa1xDEZuZWT1W5mWYwMI9_KChzGcpkMaoGEZfb7DkK-22UQFV1vi93hNHveUIGm0-Fz3euVntPfZdf43XaJ5S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4Dsrw8J5fdHwAAAAAgAAAAACQAA_a1JQAVa3Un__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0Mr5SafGw-4bkQFwkWMAAAAAHKrNxuPJnVCZVH1___fbwVwBQAQYIhexGORpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEmHri0oK64EjVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwOQZar1WAymcwOAAAA4O7___9fD0R2G49xsVoMRibHZDIaroYTx2hk3MxMjsXI5Nxs71g3-J-zVQSlz0NYZr_vIOS7XQZR0fW22B1Os-cgPmgYlpNBML8JW4xWk8lmOZwtF5PBcDQcjfY3EIvFACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcY22s1sk9Fa5LLY3KLFaLiWOHybtWbkWEwmy-XGNFisRa-P6WLYGFYjwxYFA0T2InlapBORy2OabVbGmXE3mCw8ruVk5ZyYHMvdcuFZLlyOiViiOVmkE9llX9ltPMbFajEYmRyTyWi4Gk4co5FxMzM5FiOTc7Pv2Ea7mW0yWotcFptbtBgN1xKHb7PWjByLyWS53JgGi7Xo9TFdDBvDamTYN2a74XIzGixn-8ZsN1xuRoPlbN9hMj1Tn7NReNxqPD7FM3aTWW8Og8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-LbRW7Z3DZpL17G5IDYYFLFEcJFOVCan6W95eNZKz-lvEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_ceHGK7mksVmrlit5orRYpUAAAAAAAAAAJYwZ94EAAAA4DSQ1XI3W63zIEaDzW62Wi5AhJSp7s-xXMhZxi70LqMW-vwET0dQcePHDWVymv6Wh2et9Jz-VgaIkCpl3vyZINZqtawBAAAEsAEAAAK4dfMWmDrF_____8cBAADIyNEDAADQ7wNdwY9eK_TE8RfEYDTbDQ!&cmcv=&pix=undefined&cb=1678934097916&uv=3261&tms=1678934097916&abt=nonrv_vA!prp_vC!prp_vC!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=fbcbb5bb-d369-4ff8-b12d-9257f21d0d7e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 16 Mar 2023 02:34:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame F392
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58534/occ
  • https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-xrGN8WJE2uEiFx_2VW7hdXfuwn3Uwy0hs0OAw.Y-~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-xrGN8WJE2uEiFx_2VW7hdXfuwn3Uwy0hs0OAw.Y-~A
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7VG8CFgPW4ebAeYgwoQTW4ebAeYgwoQUAAAAGBvQHJGbxWCyuicUt8syWa9HMZlxLHJORWzlZ7WaWxcgw8q2MQGIWj8XimljcIs9suRbNbMa1xDEZuZWT1W5mWYwMI9_KChzGcpkMaoGEZfb7DkK-22UQFV1vi93hNHveUIGm0-Fz3euVntPfZdf43XaJ5S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4Dsrw8J5fdHwAAAAAgAAAAACQAA_a1JQAVa3Un__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0Mr5SafGw-4bkQFwkWMAAAAAHKrNxuPJnVCZVH1___fbwVwBQAQYIhexGORpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEmHri0oK64EjVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwOQZar1WAymcwOAAAA4O7___9fD0R2G49xsVoMRibHZDIaroYTx2hk3MxMjsXI5Nxs71g3-J-zVQSlz0NYZr_vIOS7XQZR0fW22B1Os-cgPmgYlpNBML8JW4xWk8lmOZwtF5PBcDQcjfY3EIvFACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcY22s1sk9Fa5LLY3KLFaLiWOHybtWbkWEwmy-XGNFisRa-P6WLYGFYjwxYFA0T2InlapBORy2OabVbGmXE3mCw8ruVk5ZyYHMvdcuFZLlyOiViiOVmkE9llX9ltPMbFajEYmRyTyWi4Gk4co5FxMzM5FiOTc7Pv2Ea7mW0yWotcFptbtBgN1xKHb7PWjByLyWS53JgGi7Xo9TFdDBvDamTYN2a74XIzGixn-8ZsN1xuRoPlbN9hMj1Tn7NReNxqPD7FM3aTWW8Og8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-LbRW7Z3DZpL17G5IDYYFLFEcJFOVCan6W95eNZKz-lvEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_ceHGK7mksVmrlit5orRYpUAAAAAAAAAAJYwZ94EAAAA4DSQ1XI3W63zIEaDzW62Wi5AhJSp7s-xXMhZxi70LqMW-vwET0dQcePHDWVymv6Wh2et9Jz-VgaIkCpl3vyZINZqtawBAAAEsAEAAAK4dfMWmDrF_____8cBAADIyNEDAADQ7wNdwY9eK_TE8RfEYDTbDQ!&cmcv=&pix=undefined&cb=1678934097916&uv=3261&tms=1678934097916&abt=nonrv_vA!prp_vC!prp_vC!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=fbcbb5bb-d369-4ff8-b12d-9257f21d0d7e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19011

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-xrGN8WJE2uEiFx_2VW7hdXfuwn3Uwy0hs0OAw.Y-~A
date
Thu, 16 Mar 2023 02:34:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame BEE8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7VG8CFgPW4ebAeYgwoQTW4ebAeYgwoQUAAAAGBvQHJGbxWCyuicUt8syWa9HMZlxLHJORWzlZ7WaWxcgw8q2MQGIWj8XimljcIs9suRbNbMa1xDEZuZWT1W5mWYwMI9_KChzGcpkMaoGEZfb7DkK-22UQFV1vi93hNHveUIGm0-Fz3euVntPfZdf43XaJ5S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4Dsrw8J5fdHwAAAAAgAAAAACQAA_a1JQAVa3Un__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0Mr5SafGw-4bkQFwkWMAAAAAHKrNxuPJnVCZVH1___fbwVwBQAQYIhexGORpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEmHri0oK64EjVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwOQZar1WAymcwOAAAA4O7___9fD0R2G49xsVoMRibHZDIaroYTx2hk3MxMjsXI5Nxs71g3-J-zVQSlz0NYZr_vIOS7XQZR0fW22B1Os-cgPmgYlpNBML8JW4xWk8lmOZwtF5PBcDQcjfY3EIvFACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcY22s1sk9Fa5LLY3KLFaLiWOHybtWbkWEwmy-XGNFisRa-P6WLYGFYjwxYFA0T2InlapBORy2OabVbGmXE3mCw8ruVk5ZyYHMvdcuFZLlyOiViiOVmkE9llX9ltPMbFajEYmRyTyWi4Gk4co5FxMzM5FiOTc7Pv2Ea7mW0yWotcFptbtBgN1xKHb7PWjByLyWS53JgGi7Xo9TFdDBvDamTYN2a74XIzGixn-8ZsN1xuRoPlbN9hMj1Tn7NReNxqPD7FM3aTWW8Og8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-LbRW7Z3DZpL17G5IDYYFLFEcJFOVCan6W95eNZKz-lvEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_ceHGK7mksVmrlit5orRYpUAAAAAAAAAAJYwZ94EAAAA4DSQ1XI3W63zIEaDzW62Wi5AhJSp7s-xXMhZxi70LqMW-vwET0dQcePHDWVymv6Wh2et9Jz-VgaIkCpl3vyZINZqtawBAAAEsAEAAAK4dfMWmDrF_____8cBAADIyNEDAADQ7wNdwY9eK_TE8RfEYDTbDQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 16 Mar 2023 02:34:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame BEE8 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7VG8CFgPW4ebAeYgwoQTW4ebAeYgwoQUAAAAGBvQHJGbxWCyuicUt8syWa9HMZlxLHJORWzlZ7WaWxcgw8q2MQGIWj8XimljcIs9suRbNbMa1xDEZuZWT1W5mWYwMI9_KChzGcpkMaoGEZfb7DkK-22UQFV1vi93hNHveUIGm0-Fz3euVntPfZdf43XaJ5S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4Dsrw8J5fdHwAAAAAgAAAAACQAA_a1JQAVa3Un__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0Mr5SafGw-4bkQFwkWMAAAAAHKrNxuPJnVCZVH1___fbwVwBQAQYIhexGORpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEmHri0oK64EjVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwOQZar1WAymcwOAAAA4O7___9fD0R2G49xsVoMRibHZDIaroYTx2hk3MxMjsXI5Nxs71g3-J-zVQSlz0NYZr_vIOS7XQZR0fW22B1Os-cgPmgYlpNBML8JW4xWk8lmOZwtF5PBcDQcjfY3EIvFACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcY22s1sk9Fa5LLY3KLFaLiWOHybtWbkWEwmy-XGNFisRa-P6WLYGFYjwxYFA0T2InlapBORy2OabVbGmXE3mCw8ruVk5ZyYHMvdcuFZLlyOiViiOVmkE9llX9ltPMbFajEYmRyTyWi4Gk4co5FxMzM5FiOTc7Pv2Ea7mW0yWotcFptbtBgN1xKHb7PWjByLyWS53JgGi7Xo9TFdDBvDamTYN2a74XIzGixn-8ZsN1xuRoPlbN9hMj1Tn7NReNxqPD7FM3aTWW8Og8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-LbRW7Z3DZpL17G5IDYYFLFEcJFOVCan6W95eNZKz-lvEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_ceHGK7mksVmrlit5orRYpUAAAAAAAAAAJYwZ94EAAAA4DSQ1XI3W63zIEaDzW62Wi5AhJSp7s-xXMhZxi70LqMW-vwET0dQcePHDWVymv6Wh2et9Jz-VgaIkCpl3vyZINZqtawBAAAEsAEAAAK4dfMWmDrF_____8cBAADIyNEDAADQ7wNdwY9eK_TE8RfEYDTbDQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:a5fb:d412:b74d:aafb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Thu, 16 Mar 2023 02:34:58 GMT
server
Apache-Coyote/1.1
content-type
image/gif
sync
x.bidswitch.net/ Frame BEE8 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7VG8CFgPW4ebAeYgwoQTW4ebAeYgwoQUAAAAGBvQHJGbxWCyuicUt8syWa9HMZlxLHJORWzlZ7WaWxcgw8q2MQGIWj8XimljcIs9suRbNbMa1xDEZuZWT1W5mWYwMI9_KChzGcpkMaoGEZfb7DkK-22UQFV1vi93hNHveUIGm0-Fz3euVntPfZdf43XaJ5S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4Dsrw8J5fdHwAAAAAgAAAAACQAA_a1JQAVa3Un__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0Mr5SafGw-4bkQFwkWMAAAAAHKrNxuPJnVCZVH1___fbwVwBQAQYIhexGORpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEmHri0oK64EjVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwOQZar1WAymcwOAAAA4O7___9fD0R2G49xsVoMRibHZDIaroYTx2hk3MxMjsXI5Nxs71g3-J-zVQSlz0NYZr_vIOS7XQZR0fW22B1Os-cgPmgYlpNBML8JW4xWk8lmOZwtF5PBcDQcjfY3EIvFACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcY22s1sk9Fa5LLY3KLFaLiWOHybtWbkWEwmy-XGNFisRa-P6WLYGFYjwxYFA0T2InlapBORy2OabVbGmXE3mCw8ruVk5ZyYHMvdcuFZLlyOiViiOVmkE9llX9ltPMbFajEYmRyTyWi4Gk4co5FxMzM5FiOTc7Pv2Ea7mW0yWotcFptbtBgN1xKHb7PWjByLyWS53JgGi7Xo9TFdDBvDamTYN2a74XIzGixn-8ZsN1xuRoPlbN9hMj1Tn7NReNxqPD7FM3aTWW8Og8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-LbRW7Z3DZpL17G5IDYYFLFEcJFOVCan6W95eNZKz-lvEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_ceHGK7mksVmrlit5orRYpUAAAAAAAAAAJYwZ94EAAAA4DSQ1XI3W63zIEaDzW62Wi5AhJSp7s-xXMhZxi70LqMW-vwET0dQcePHDWVymv6Wh2et9Jz-VgaIkCpl3vyZINZqtawBAAAEsAEAAAK4dfMWmDrF_____8cBAADIyNEDAADQ7wNdwY9eK_TE8RfEYDTbDQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.122.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-122-232.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/32_6_1/infra/ 		844 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/32_6_1/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
409ec418f4bcc227d937d02a45075786a6a6ab2f5aa3cc9dbc6f41cbdd76f35e

Request headers

Referer
https://istoe.com.br/
Origin
https://istoe.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-meta-mtime
1678373701
date
Thu, 16 Mar 2023 02:34:58 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
SCFT3BAN3N23YXYX
age
560277
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1678373702
x-amz-meta-mode
33188
content-length
141853
x-amz-id-2
nxbbPyMC/MSb+BaguWs6ubEsjx+R41jpa/RvvqB8zvmSwwIGwtE8jQcamnKfKWg9T64Ij+xFY6g=
x-served-by
cache-fra-eddf8230052-FRA
last-modified
Thu, 09 Mar 2023 14:55:03 GMT
server
AmazonS3-br
x-timer
S1678934098.089682,VS0,VE0
etag
"fb3941a663311c5ccd48b591773c61ce"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
19479
cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_6_1/assets/css/ 		59 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/32_6_1/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
4e902c64b724e110bbb3a8840f46d79f8569949376c73edf7955dbf388159cc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-meta-mtime
1678373718
date
Thu, 16 Mar 2023 02:34:58 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
4FX4PZSHE40EJ9FE
age
560278
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1678373718
x-amz-meta-mode
33188
content-length
7742
x-amz-id-2
nNQOkw6IagqW4w6qsHzvx+GUfA3tFN0ihxr2pihlD9YKxuMbqqDkj4EfcxJ9fvsU3VsLEqjpd0U=
x-served-by
cache-fra-eddf8230058-FRA
last-modified
Thu, 09 Mar 2023 14:55:19 GMT
server
AmazonS3-br
x-timer
S1678934098.074313,VS0,VE0
etag
"910667a2fde737fb00f85f576307d7c1"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
527829
json
trc.taboola.com/editora3-isto/trc/3/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/editora3-isto/trc/3/json?tim=02%3A34%3A58.116&route=AM:AM:V&tvi2=10406&lti=deflated&data=%7B%22id%22%3A853%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3A%22v2_27cc81510dd1224858b14d83fd11dd93_c647f624-debf-4148-ba73-3d112299c401-tuctb0c05d0_1678934096_1678934096_CIi3jgYQpqVFGOb3lMLuMCABKAEwODib4wlAiYoQSMOz2QNQ____________AVgAYABo6t-6o5P9iuX9AXAA%22%2C%22ui%22%3A%22c647f624-debf-4148-ba73-3d112299c401-tuctb0c05d0%22%2C%22uifp%22%3A%22c647f624-debf-4148-ba73-3d112299c401-tuctb0c05d0%22%2C%22lbt%22%3A1678894808427%2C%22vi%22%3A1678934096870%2C%22cv%22%3A%2220230315-12-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fistoe.com.br%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fistoe.com.br%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A14539%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22rec-reel-2n5-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Category%20Rec%20Reel334%22%2C%22orig_uip%22%3A%22Below%20Category%20Rec%20Reel334%22%2C%22cd%22%3A12735.921875%2C%22mw%22%3A1185%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Category%20Rec%20Reel334%3Drec-reel-2n5-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230315-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fe25eb0a048eb74b47dedffa76327d1e2d34fbcaca8be2a780f2b35173a8c666

Request headers

Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
442
date
Thu, 16 Mar 2023 02:34:58 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-fra-eddf8230058-FRA
server
nginx
x-timer
S1678934098.117682,VS0,VE442
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://istoe.com.br
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_6_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:58 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
2573475
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230058-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1678934098.211968,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
92576
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.0.7/ 		441 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.0.7/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_6_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
07ec4e6a98caaba912fb93b8d0546b8a91c4a1c456afc59bbbfa45653b7a82b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-meta-mtime
1678701661
date
Thu, 16 Mar 2023 02:34:58 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
DJQZPX52ZWKG4DB5
age
232385
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1678701673
x-amz-meta-mode
33188
content-length
85610
x-amz-id-2
QTTP6U0KWpEl0PAyKFxDCYfCCfevKVJOZ/rZmyZ+aXDJb25HA5MJlDUGpus1Z4Ez/U4B6jXPlMQ=
x-served-by
cache-fra-eddf8230058-FRA
last-modified
Mon, 13 Mar 2023 10:01:14 GMT
server
AmazonS3-br
x-timer
S1678934098.235257,VS0,VE0
etag
"bcdf92ea8c7a7b406133c12f21506018"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
203867
sync
am-match.taboola.com/ Frame 3454 		719 B
804 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7VG8CFgPW4ebAeYgwoQTW4ebAeYgwoQUAAAAGBvQHJGbxWCyuicUt8syWa9HMZlxLHJORWzlZ7WaWxcgw8q2MQGIWj8XimljcIs9suRbNbMa1xDEZuZWT1W5mWYwMI9_KChzGcpkMaoGEZfb7DkK-22UQFV1vi93hNHveUIGm0-Fz3euVntPfZdf43XaJ5S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4Dsrw8J5fdHwAAAAAgAAAAACQAA_a1JQAVa3Un__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0Mr5SafGw-4bkQFwkWMAAAAAHKrNxuPJnVCZVH1___fbwVwBQAQYIhexGORpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEmHri0oK64EjVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwOQZar1WAymcwOAAAA4O7___9fD0R2G49xsVoMRibHZDIaroYTx2hk3MxMjsXI5Nxs71g3-J-zVQSlz0NYZr_vIOS7XQZR0fW22B1Os-cgPmgYlpNBML8JW4xWk8lmOZwtF5PBcDQcjfY3EIvFACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcY22s1sk9Fa5LLY3KLFaLiWOHybtWbkWEwmy-XGNFisRa-P6WLYGFYjwxYFA0T2InlapBORy2OabVbGmXE3mCw8ruVk5ZyYHMvdcuFZLlyOiViiOVmkE9llX9ltPMbFajEYmRyTyWi4Gk4co5FxMzM5FiOTc7Pv2Ea7mW0yWotcFptbtBgN1xKHb7PWjByLyWS53JgGi7Xo9TFdDBvDamTYN2a74XIzGixn-8ZsN1xuRoPlbN9hMj1Tn7NReNxqPD7FM3aTWW8Og8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-LbRW7Z3DZpL17G5IDYYFLFEcJFOVCan6W95eNZKz-lvEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_ceHGK7mksVmrlit5orRYpUAAAAAAAAAAJYwZ94EAAAA4DSQ1XI3W63zIEaDzW62Wi5AhJSp7s-xXMhZxi70LqMW-vwET0dQcePHDWVymv6Wh2et9Jz-VgaIkCpl3vyZINZqtawBAAAEsAEAAAK4dfMWmDrF_____8cBAADIyNEDAADQ7wNdwY9eK_TE8RfEYDTbDQ!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_6_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
fbf08c4d01639c653424ded1023e1d5f1f5010cdaa29d192d10090c9479715d4

Request headers

Referer
https://istoe.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 16 Mar 2023 02:34:58 GMT
machineid
3407
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V7VG8CFgPW4ebAeYgwoQTW4ebAeYgwoQUAAAAGBvQHJGbxWCyuicUt8syWa9HMZlxLHJORWzlZ7WaWxcgw8q2MQGIWj8XimljcIs9suRbNbMa1xDEZuZWT1W5mWYwMI9_KChzGcpkMaoGEZfb7DkK-22UQFV1vi93hNHveUIGm0-Fz3euVntPfZdf43XaJ5S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4Dsrw8J5fdHwAAAAAgAAAAACQAA_a1JQAVa3Un__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0Mr5SafGw-4bkQFwkWMAAAAAHKrNxuPJnVCZVH1___fbwVwBQAQYIhexGORpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEmHri0oK64EjVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwOQZar1WAymcwOAAAA4O7___9fD0R2G49xsVoMRibHZDIaroYTx2hk3MxMjsXI5Nxs71g3-J-zVQSlz0NYZr_vIOS7XQZR0fW22B1Os-cgPmgYlpNBML8JW4xWk8lmOZwtF5PBcDQcjfY3EIvFACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcY22s1sk9Fa5LLY3KLFaLiWOHybtWbkWEwmy-XGNFisRa-P6WLYGFYjwxYFA0T2InlapBORy2OabVbGmXE3mCw8ruVk5ZyYHMvdcuFZLlyOiViiOVmkE9llX9ltPMbFajEYmRyTyWi4Gk4co5FxMzM5FiOTc7Pv2Ea7mW0yWotcFptbtBgN1xKHb7PWjByLyWS53JgGi7Xo9TFdDBvDamTYN2a74XIzGixn-8ZsN1xuRoPlbN9hMj1Tn7NReNxqPD7FM3aTWW8Og8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-LbRW7Z3DZpL17G5IDYYFLFEcJFOVCan6W95eNZKz-lvEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_ceHGK7mksVmrlit5orRYpUAAAAAAAAAAJYwZ94EAAAA4DSQ1XI3W63zIEaDzW62Wi5AhJSp7s-xXMhZxi70LqMW-vwET0dQcePHDWVymv6Wh2et9Jz-VgaIkCpl3vyZINZqtawBAAAEsAEAAAK4dfMWmDrF_____8cBAADIyNEDAADQ7wNdwY9eK_TE8RfEYDTbDQ!&cmcv=&pix=31579697&cb=1678934098240&uv=3261&tms=1678934098240&su=3&abt=nonrv_vA!prp_vC!prp_vC!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:58 GMT
content-length
0
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://istoe.com.br/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Thu, 16 Mar 2023 02:34:58 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
FRA60-P1
age
2310218
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230115-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1678934098.287883,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
aFo3XPtUcu-k-9AV0uKFRtVm8akzQN1fEAzXYOh9CqA7dLERIrBsUg==
x-cache-hits
1344604
generic
match.adsrvr.org/track/cmf/ Frame 3454 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7VG8CFgPW4ebAeYgwoQTW4ebAeYgwoQUAAAAGBvQHJGbxWCyuicUt8syWa9HMZlxLHJORWzlZ7WaWxcgw8q2MQGIWj8XimljcIs9suRbNbMa1xDEZuZWT1W5mWYwMI9_KChzGcpkMaoGEZfb7DkK-22UQFV1vi93hNHveUIGm0-Fz3euVntPfZdf43XaJ5S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4Dsrw8J5fdHwAAAAAgAAAAACQAA_a1JQAVa3Un__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0Mr5SafGw-4bkQFwkWMAAAAAHKrNxuPJnVCZVH1___fbwVwBQAQYIhexGORpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEmHri0oK64EjVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwOQZar1WAymcwOAAAA4O7___9fD0R2G49xsVoMRibHZDIaroYTx2hk3MxMjsXI5Nxs71g3-J-zVQSlz0NYZr_vIOS7XQZR0fW22B1Os-cgPmgYlpNBML8JW4xWk8lmOZwtF5PBcDQcjfY3EIvFACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcY22s1sk9Fa5LLY3KLFaLiWOHybtWbkWEwmy-XGNFisRa-P6WLYGFYjwxYFA0T2InlapBORy2OabVbGmXE3mCw8ruVk5ZyYHMvdcuFZLlyOiViiOVmkE9llX9ltPMbFajEYmRyTyWi4Gk4co5FxMzM5FiOTc7Pv2Ea7mW0yWotcFptbtBgN1xKHb7PWjByLyWS53JgGi7Xo9TFdDBvDamTYN2a74XIzGixn-8ZsN1xuRoPlbN9hMj1Tn7NReNxqPD7FM3aTWW8Og8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-LbRW7Z3DZpL17G5IDYYFLFEcJFOVCan6W95eNZKz-lvEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_ceHGK7mksVmrlit5orRYpUAAAAAAAAAAJYwZ94EAAAA4DSQ1XI3W63zIEaDzW62Wi5AhJSp7s-xXMhZxi70LqMW-vwET0dQcePHDWVymv6Wh2et9Jz-VgaIkCpl3vyZINZqtawBAAAEsAEAAAK4dfMWmDrF_____8cBAADIyNEDAADQ7wNdwY9eK_TE8RfEYDTbDQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 16 Mar 2023 02:34:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame 3454 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7VG8CFgPW4ebAeYgwoQTW4ebAeYgwoQUAAAAGBvQHJGbxWCyuicUt8syWa9HMZlxLHJORWzlZ7WaWxcgw8q2MQGIWj8XimljcIs9suRbNbMa1xDEZuZWT1W5mWYwMI9_KChzGcpkMaoGEZfb7DkK-22UQFV1vi93hNHveUIGm0-Fz3euVntPfZdf43XaJ5S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4Dsrw8J5fdHwAAAAAgAAAAACQAA_a1JQAVa3Un__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0Mr5SafGw-4bkQFwkWMAAAAAHKrNxuPJnVCZVH1___fbwVwBQAQYIhexGORpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEmHri0oK64EjVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwOQZar1WAymcwOAAAA4O7___9fD0R2G49xsVoMRibHZDIaroYTx2hk3MxMjsXI5Nxs71g3-J-zVQSlz0NYZr_vIOS7XQZR0fW22B1Os-cgPmgYlpNBML8JW4xWk8lmOZwtF5PBcDQcjfY3EIvFACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcY22s1sk9Fa5LLY3KLFaLiWOHybtWbkWEwmy-XGNFisRa-P6WLYGFYjwxYFA0T2InlapBORy2OabVbGmXE3mCw8ruVk5ZyYHMvdcuFZLlyOiViiOVmkE9llX9ltPMbFajEYmRyTyWi4Gk4co5FxMzM5FiOTc7Pv2Ea7mW0yWotcFptbtBgN1xKHb7PWjByLyWS53JgGi7Xo9TFdDBvDamTYN2a74XIzGixn-8ZsN1xuRoPlbN9hMj1Tn7NReNxqPD7FM3aTWW8Og8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-LbRW7Z3DZpL17G5IDYYFLFEcJFOVCan6W95eNZKz-lvEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_ceHGK7mksVmrlit5orRYpUAAAAAAAAAAJYwZ94EAAAA4DSQ1XI3W63zIEaDzW62Wi5AhJSp7s-xXMhZxi70LqMW-vwET0dQcePHDWVymv6Wh2et9Jz-VgaIkCpl3vyZINZqtawBAAAEsAEAAAK4dfMWmDrF_____8cBAADIyNEDAADQ7wNdwY9eK_TE8RfEYDTbDQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:a5fb:d412:b74d:aafb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Thu, 16 Mar 2023 02:34:58 GMT
server
Apache-Coyote/1.1
content-type
image/gif
usync.html
eus.rubiconproject.com/ Frame 55A2 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7VG8CFgPW4ebAeYgwoQTW4ebAeYgwoQUAAAAGBvQHJGbxWCyuicUt8syWa9HMZlxLHJORWzlZ7WaWxcgw8q2MQGIWj8XimljcIs9suRbNbMa1xDEZuZWT1W5mWYwMI9_KChzGcpkMaoGEZfb7DkK-22UQFV1vi93hNHveUIGm0-Fz3euVntPfZdf43XaJ5S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4Dsrw8J5fdHwAAAAAgAAAAACQAA_a1JQAVa3Un__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0Mr5SafGw-4bkQFwkWMAAAAAHKrNxuPJnVCZVH1___fbwVwBQAQYIhexGORpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEmHri0oK64EjVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwOQZar1WAymcwOAAAA4O7___9fD0R2G49xsVoMRibHZDIaroYTx2hk3MxMjsXI5Nxs71g3-J-zVQSlz0NYZr_vIOS7XQZR0fW22B1Os-cgPmgYlpNBML8JW4xWk8lmOZwtF5PBcDQcjfY3EIvFACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcY22s1sk9Fa5LLY3KLFaLiWOHybtWbkWEwmy-XGNFisRa-P6WLYGFYjwxYFA0T2InlapBORy2OabVbGmXE3mCw8ruVk5ZyYHMvdcuFZLlyOiViiOVmkE9llX9ltPMbFajEYmRyTyWi4Gk4co5FxMzM5FiOTc7Pv2Ea7mW0yWotcFptbtBgN1xKHb7PWjByLyWS53JgGi7Xo9TFdDBvDamTYN2a74XIzGixn-8ZsN1xuRoPlbN9hMj1Tn7NReNxqPD7FM3aTWW8Og8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-LbRW7Z3DZpL17G5IDYYFLFEcJFOVCan6W95eNZKz-lvEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_ceHGK7mksVmrlit5orRYpUAAAAAAAAAAJYwZ94EAAAA4DSQ1XI3W63zIEaDzW62Wi5AhJSp7s-xXMhZxi70LqMW-vwET0dQcePHDWVymv6Wh2et9Jz-VgaIkCpl3vyZINZqtawBAAAEsAEAAAK4dfMWmDrF_____8cBAADIyNEDAADQ7wNdwY9eK_TE8RfEYDTbDQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 Mar 2023 02:34:58 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 55A2 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0cc01b5dd09d3920395c31c328b85ac5793e09f44da34a267d2c7e178bf5ca3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 16 Mar 2023 02:34:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Mar 2023 07:30:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17779
Connection
keep-alive
Content-Length
9996
Expires
Thu, 16 Mar 2023 07:31:17 GMT
khaos.jpg
token.rubiconproject.com/ Frame 55A2 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
abtests
am-trc-events.taboola.com/editora3-isto/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/editora3-isto/log/3/abtests?route=AM:AM:V&tvi2=10406&lti=deflated&ri=5ddcccb54eb4d3e5ca5e8374b7809679&sd=v2_27cc81510dd1224858b14d83fd11dd93_c647f624-debf-4148-ba73-3d112299c401-tuctb0c05d0_1678934096_1678934098_CIi3jgYQpqVFGOb3lMLuMCABKAEwODib4wlAiYoQSMOz2QNQ____________AVgAYABo6t-6o5P9iuX9AXAA&ui=c647f624-debf-4148-ba73-3d112299c401-tuctb0c05d0&pi=/&wi=-8333092029798277823&pt=home&vi=1678934096870&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1678934098630%7D&tim=02%3A34%3A58.630&id=1391&llvl=2&cv=20230315-12-RELEASE&
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 16 Mar 2023 02:34:58 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
bulk
trc.taboola.com/editora3-isto/log/3/ 		0
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/editora3-isto/log/3/bulk?tvi2=10406&route=AM%3AAM%3AV&lti=deflated&bulkSize=7
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230315-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Thu, 16 Mar 2023 02:34:58 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230058-FRA
server
nginx
x-timer
S1678934099.650293,VS0,VE10
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://istoe.com.br
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
collect
p.clarity.ms/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-sc/s/0.7.2/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://istoe.com.br
Date
Thu, 16 Mar 2023 02:34:58 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
746 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Thu, 16 Mar 2023 02:34:58 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
15001
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230115-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1678934099.655160,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
90
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1923
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=311433673BB34B5B82256424283E0853&RedC=c.clarity.ms&MXFR=1EF61144FDAB6CDF226A0392F9AB62F1
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=311433673BB34B5B82256424283E0853&MUID=095BE670DD7B69680811F4A6DC1068EB
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=311433673BB34B5B82256424283E0853&MUID=095BE670DD7B69680811F4A6DC1068EB
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:34:58 GMT
last-modified
Fri, 10 Mar 2023 22:29:58 GMT
server
Microsoft-IIS/10.0
etag
"6c9591d89f53d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:34:58 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3A71EA36B22D4F859519D20CF99258F0 Ref B: FRAEDGE1121 Ref C: 2023-03-16T02:34:58Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=311433673BB34B5B82256424283E0853&MUID=095BE670DD7B69680811F4A6DC1068EB
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
ws-CX7OAZHK.js
wfpscripts.webspectator.com/bootstrap/ 		1 KB
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/bootstrap/ws-CX7OAZHK.js
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/@nave/gateway/reply?navtrackdata=%7B%22clientip%22:%22185.213.155.141%22,%22timestamp%22:1678934096,%22source%22:%221de9cd2d-d7cf-46be-be01-dc5e25d29577%22,%22slug%22:%22home%22,%22nvtags%22:%5B%5D,%22url%22:%22https://istoe.com.br/%22,%22uuid%22:%222951747d-9d43-4561-8c90-a13622701503%22,%22refuuid%22:%222951747d-9d43-4561-8c90-a13622701503%22,%22hostname%22:%22istoe.com.br%22,%22pathname%22:%22/%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
c39ed6e15eb51f3097df21d42271403d73ef0a064ee86bf4602023042a04b987

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:59 GMT
content-encoding
gzip
last-modified
Fri, 29 Mar 2019 14:25:17 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"6a5011d6c7071ad64bea1493b9f98b18"
x-cache-status
HIT
content-type
application/x-javascript
cache-control
max-age=31536000
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230315-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 Mar 2023 02:34:59 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
3569
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230115-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1678934100.505157,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
90
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
2386
/
pips.taboola.com/ 		4 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230052-FRA
date
Thu, 16 Mar 2023 02:34:59 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://istoe.com.br
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=c647f624-debf-4148-ba73-3d112299c401-tuctb0c05d0&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Mar 2023 02:34:59 GMT
cache-control
no-store
server
nginx
init
webservices.webspectator.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webservices.webspectator.com/init?appId=CX7OAZHK&h=https%3A%2F%2Fistoe.com.br%2F&t=1678934099640
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-CX7OAZHK.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.192.67.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-67-210.compute-1.amazonaws.com
Software
WildFly/10 / Undertow/1
Resource Hash
eea55ab2129cd954d1f59aac29484031103868d031c15c394de8e184ef45ed03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:00 GMT
Content-Encoding
gzip
Server
WildFly/10
X-Powered-By
Undertow/1
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=UTF-8
X-NoCache
true
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-CX7OAZHK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 01:19:33 GMT
content-encoding
gzip
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
4526
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
7_b7n65xdKGrovCQBJ82wNVQsv2ONdE_dnZkSwXTEr03o7IjSYfpDg==
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-CX7OAZHK.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
14d84079758cedde0bb45369cb6f7e7d25cc3b287605e00d42805514fdd0b83c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:59 GMT
content-encoding
gzip
etag
"sCsI4IX19r4ykIX4lYSZTA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 23 Mar 2023 02:34:59 GMT
b
sb.scorecardresearch.com/ 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=22153319&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1678934099651&ns_c=UTF-8&c7=https%3A%2F%2Fistoe.com.br%2F&c8=ISTO%C3%89%20Independente&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:59 GMT
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
SOAZrko61NoAnCSCQ3LMXhdAVScMix7VykiUUNf1gkjBBPOUC4g_Jg==
x-cache
Miss from cloudfront
rules-p-HGAVM7nQJ_sep.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-HGAVM7nQJ_sep.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:be00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
73db2a2a4d0933294f7188230306bea80ad011455f5f3a34127d33cbb43eb1c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:29:30 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
330
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:48 GMT
server
AmazonS3
etag
"afb90b4e3022c802397d34b9f457500e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
nx1AcBlFgHj9YuKq7zLDNwhxe3EzZmnYPBSFChR9hyopDgltgWz7lA==
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=istoe.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=istoe.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3102037318906712&correlator=3026057470738423&eid=31072989%2C31073052%2C31073061&output=ldjh&gdfp_req=1&vrg=2023031301&ptt=17&impl=fif&iu_parts=22452847%2CIstoe_Home&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=1&adks=1010576609&sfv=1-0-40&prev_scp=pos%3Dtop&sc=1&cookie_enabled=1&abxe=1&dt=1678934099830&lmt=1678934099&dlt=1678934096045&idt=1402&adxs=160&adys=207&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fistoe.com.br%2F&frm=20&vis=1&psz=1280x4&msz=1280x0&fws=4&ohw=1600&ga_vid=1307452278.1678934097&ga_sid=1678934100&ga_hid=1946241729&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57dbdc175f1f58bbe80ddf65275146a94122010b12be777ae640d0bc41bcbf0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12047
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://istoe.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023031301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0e7c51efb5ebb742702847e186b12ff1317faac11a5392c5093b15231fe2b39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11077
x-xss-protection
0
container.html
3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D36F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://istoe.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:34:59 GMT
expires
Fri, 15 Mar 2024 02:34:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3102037318906712&correlator=3026057470738423&eid=31072989%2C31073052%2C31073061&output=ldjh&gdfp_req=1&vrg=2023031301&ptt=17&impl=fif&iu_parts=22452847%2CIstoe_Home&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=2&adks=4209353512&sfv=1-0-40&prev_scp=pos%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1678934099850&lmt=1678934099&dlt=1678934096045&idt=1402&adxs=436&adys=1889&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fistoe.com.br%2F&frm=20&vis=1&psz=1600x16&msz=1600x0&fws=4&ohw=1600&ga_vid=1307452278.1678934097&ga_sid=1678934100&ga_hid=1946241729&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9b5c9d3e5dab98fc01cc66c4e229df6d9b1e5b63a118c4d80dd76d42adaead2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12403
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://istoe.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		34 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3102037318906712&correlator=3026057470738423&eid=31072989%2C31073052%2C31073061&output=ldjh&gdfp_req=1&vrg=2023031301&ptt=17&impl=fif&iu_parts=22452847%2CIstoe_Home&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&adks=3997135773&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1678934099857&lmt=1678934099&dlt=1678934096045&idt=1402&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fistoe.com.br%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=1307452278.1678934097&ga_sid=1678934100&ga_hid=1946241729&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f0507345ec7cad5933030ea147ef0017ee6d685f5c0f3c5e6ea097ac1c71d039
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12886
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://istoe.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3102037318906712&correlator=3026057470738423&eid=31072989%2C31073052%2C31073061&output=ldjh&gdfp_req=1&vrg=2023031301&ptt=17&impl=fif&iu_parts=22452847%2CIstoe_Home&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&adks=2304950044&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1678934099864&lmt=1678934099&dlt=1678934096045&idt=1402&adxs=1082&adys=2953&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fistoe.com.br%2F&frm=20&vis=1&psz=341x16&msz=341x0&fws=4&ohw=1600&ga_vid=1307452278.1678934097&ga_sid=1678934100&ga_hid=1946241729&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8ad0173a955e0b12df19dd9d9cc64cabf6eafeadc0346177586eef4aa6c8b0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12278
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://istoe.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3102037318906712&correlator=3026057470738423&eid=31072989%2C31073052%2C31073061&output=ldjh&gdfp_req=1&vrg=2023031301&ptt=17&impl=fif&iu_parts=22452847%2CIstoe_Home&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=5&adks=3987921101&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1678934099872&lmt=1678934099&dlt=1678934096045&idt=1402&adxs=176&adys=4537&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fistoe.com.br%2F&frm=20&vis=1&psz=1248x16&msz=1248x0&fws=4&ohw=1600&ga_vid=1307452278.1678934097&ga_sid=1678934100&ga_hid=1946241729&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
630df8ae8d5be96dda129241cd610d157523fb2d1dc1023b99ce9d0e63f5661f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12271
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://istoe.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		34 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3102037318906712&correlator=3026057470738423&eid=31072989%2C31073052%2C31073061&output=ldjh&gdfp_req=1&vrg=2023031301&ptt=17&impl=fif&iu_parts=22452847%2CIstoe_Home&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&adks=1156964622&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1678934099878&lmt=1678934099&dlt=1678934096045&idt=1402&adxs=1082&adys=4595&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fistoe.com.br%2F&frm=20&vis=1&psz=215x16&msz=215x0&fws=4&ohw=1600&ga_vid=1307452278.1678934097&ga_sid=1678934100&ga_hid=1946241729&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bfcc2d7f1d2055e5c9f72ab50835c8887752c5f46886a7b67f6921aca800adac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12858
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://istoe.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		34 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3102037318906712&correlator=3026057470738423&eid=31072989%2C31073052%2C31073061&output=ldjh&gdfp_req=1&vrg=2023031301&ptt=17&impl=fif&iu_parts=22452847%2CIstoe_Home&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=7&adks=1223624843&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1678934099887&lmt=1678934099&dlt=1678934096045&idt=1402&adxs=1082&adys=5767&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fistoe.com.br%2F&frm=20&vis=1&psz=341x16&msz=341x0&fws=4&ohw=1600&ga_vid=1307452278.1678934097&ga_sid=1678934100&ga_hid=1946241729&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e781bd0844de5068c24c438cd1061193bc919b7b599c840bf25085c0d08de787
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12942
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://istoe.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3102037318906712&correlator=3026057470738423&eid=31072989%2C31073052%2C31073061&output=ldjh&gdfp_req=1&vrg=2023031301&ptt=17&impl=fif&iu_parts=22452847%2CIstoe_Home&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=8&adks=3930959583&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1678934099893&lmt=1678934099&dlt=1678934096045&idt=1402&adxs=176&adys=6944&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fistoe.com.br%2F&frm=20&vis=1&psz=1248x16&msz=1248x0&fws=4&ohw=1600&ga_vid=1307452278.1678934097&ga_sid=1678934100&ga_hid=1946241729&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2e9332785e83ede4291026bcbe624afbca87ef7d8beb0b66dacc3b438b2af00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12452
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://istoe.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=69412531;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fistoe.com.br%2F;uht=2;fpan=1;fpa=P0-1265558578-1678934099680;pbc=;ns=0;ce=1;qjs=1;qv=3e132866-20230307133952;cm=;gdpr=0;ref=;d=istoe.com.br...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=69412531;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fistoe.com.br%2F;uht=2;fpan=1;fpa=P0-1265558578-1678934099680;pbc=;ns=0;ce=1;qjs=1;qv=3e132866-20230307133952;cm=;gdpr=0;ref=;d=istoe.com.br;dst=0;et=1678934099899;tzo=0;ogl=url.https%3A%2F%2Fistoe%252Ecom%252Ebr%2F%2Ctype.website%2Ctitle.Home%2Cdescription.%2Cimage.%2Cimage.%2Clocale.pt_BR%2Ctype.website%2Ctitle.ISTO%C3%89%20Independente%2Cdescription.A%20mais%20combativa%20revista%20semanal%20de%20informa%C3%A7%C3%A3o%20e%20interesse%20geral%20do%20Brasil%2Curl.https%3A%2F%2Fistoe%252Ecom%252Ebr%2F%2Csite_name.ISTO%C3%89%20Independente%2Cimage.https%3A%2F%2Fistoe%252Ecom%252Ebr%2Fwp-content%2Fuploads%2F2022%2F08%2Fistoe-facebook%252Epng%2Cimage%3Awidth.920%2Cimage%3Aheight.520;ses=3c6ec842-efe5-4db8-b586-7e443df18428
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:34:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Mar 2023 02:35:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3F92 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://istoe.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
13500
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Mar 2023 22:50:00 GMT
expires
Thu, 14 Mar 2024 22:50:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F007 		783 B
970 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
808fa4968ab2f62af60da7665b566ac9b0693629d28bbee1c9e21394f40b1baf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Q46yDJ0lqHRduBCs3JHsiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://istoe.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Q46yDJ0lqHRduBCs3JHsiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:35:00 GMT
expires
Thu, 16 Mar 2023 02:35:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
pagead2.googlesyndication.com/bg/ Frame 3F92 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 13:23:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
47461
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14304
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Mar 2024 13:23:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F007 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023031301&jk=3102037318906712&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
container.html
3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0E13 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://istoe.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:34:59 GMT
expires
Fri, 15 Mar 2024 02:34:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
6e5a2071-a481-4f87-a09b-4f996121ee30
www.dataunion.com.br/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dataunion.com.br/6e5a2071-a481-4f87-a09b-4f996121ee30
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/@nave/gateway/reply?navtrackdata=%7B%22clientip%22:%22185.213.155.141%22,%22timestamp%22:1678934096,%22source%22:%221de9cd2d-d7cf-46be-be01-dc5e25d29577%22,%22slug%22:%22home%22,%22nvtags%22:%5B%5D,%22url%22:%22https://istoe.com.br/%22,%22uuid%22:%222951747d-9d43-4561-8c90-a13622701503%22,%22refuuid%22:%222951747d-9d43-4561-8c90-a13622701503%22,%22hostname%22:%22istoe.com.br%22,%22pathname%22:%22/%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
187.72.39.252 São Paulo, Brazil, ASN16735 (ALGAR TELECOM SA, BR),
Reverse DNS
www.dataunion.com.br
Software
/
Resource Hash
8b836d785672ba3162f8f75ea2542794afc5a8d86b875f6531aedd36ea2aaddb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
gzip
access-control-allow-methods
GET, POST
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
content-length
18081
adview
securepubads.g.doubleclick.net/pagead/ Frame 0E13 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CC_LuU4ASZKC8Nc3F-gb-wLeICMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDY2Mzc1MzQ2Nzk5OTU5NMgBCakCAOdnHn-_sT7gAgCoAwGqBPcBT9DQmMnuoq3muaVA4bxM4gfBq7looj0SiKbJ9Q4uAogMtvrWKqP-ao0NsH3WMF58eVExlShXii2vumuD9hgKnjBAfXuPjDCnWuLZ9hFRAa_Ec9R5NT4CGAjaR5VHzKEU5rJiPjooqRlXSpP8b1wI_IqGkcb-6fNoHec-wOqowzcnkPqq0Jqbkx08s6gXwLMfyCpoN9HyLJ0U1LqVNHZMQTZjeuT4-jidd3LiJeBputRTzmU07aqcF7khLAEYoST9aIR7Soy2ex6DhK6BvkBCnrWpPR0Vf1G8C_kvoInnXMl0v1cfqRDTnZXJ1mjgiCsBm64COfVHoOAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NjYzNzUzNDY3OTk5NTk0GIewDg&sigh=z0ZIwtSql7g&uach_m=[UACH]&cid=CAQSPADUE5ymTIKg3UW-05RsqbmLCdQQY10DOVWpHcTMogoKThwyRqnyFQjmhE5dkvOEFttsyAvswO6sqlXMOBgB
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 0E13 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kP79EufCMMoHWp2DYgICAAAAgyBC8hdiDKsQU4ASZFh8dIAzYsFFoqAAABIAAAoOQVFVREFRWUJBUUVCQVE&wp=ZBKAUwANXiAK3qLNAA3gfkwLdVizVn9gd2pzKw
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
155653
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 990D 		143 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAUwANXiAK3qLNAA3gfkwLdVizVn9gd2pzKw&u=%7CuWCZiUy7qD%2FouEjlkhyXhB4%2B9MTr%2FywVV6%2Fl90EPonU%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5ah415E2MEw3gENqPGRConXrdVx33HLPhrr7NhQkrGZs8bvaE_-cw6AHWJEBL6ruujjnee_mlAbTgMLghQ8fJhyr6Z1TH11uRb-4R8adOPKv6GzGtYYEZ6HRiY0hw6y3yOY3uIXrxh3yqDDp0vSPHHFWddFNJ-_X9tteYhnl1zksxS1rLK2H8x-CrTQ_O0k2dyPc62n9SSVLVPYfXmE6mnf2rpXz-2SEB-UL8cebwdkQCEVUVIJmR2lmxeNxDiBZYFlcF9aeJ70-FPp_uzlDkSYHz6FHmIeT2jf4uMvJd5VuyD1b-3uEfnavcVG0WSjmr1Ru_rNdb9nN86IHpo3fxV__RyvE4yrOgUTdYnDbAglQq5gB8QjM4rswGiBPF2DbuAXL8AaEeL9Y0ovYtzjwJNxaEaCJuI-Q7WC1ULN2Z_b2wtsotqrDdfBbLHv5BpMB4uPcStpdr6nZmyJXFuq56sCzOLSXlBNxnsPMnP9_jlaJBwO1mOhPNq7C1y59m_GKDUmooQZweisbmJEY0cDA8usiN4zlqbiVq186-LmEci8Pd-dLrqYFKTGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOcbEU4ASZKC8Nc3F-gb-wLeICMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDY2Mzc1MzQ2Nzk5OTU5NMgBCakCAOdnHn-_sT7gAgCoAwGqBPoBT9DQmMnuoq3muaVA4bxM4gfBq7looj0SiKbJ9Q4uAogMtvrWKqP-ao0NsH3WMF58eVExlShXii2vumuD9hgKnjBAfXuPjDCnWuLZ9hFRAa_Ec9R5NT4CGAjaR5VHzKEU5rJiPjooqRlXSpP8b1wI_IqGkcb-6fNoHec-wOqowzcnkPqq0Jqbkx08s6gXwLMfyCpoN9HyLJ0U1LqVNHZMQTZjeuT4-jidd3LiJeBputRTzmU07aqcF7khLAEYoST9aIR7Soy2ex6DhK6BvkBCnrXrPzyH-N4gGEaztCo3YW-MtkMVHxr9hRd9HlVGepQft7aHk3FUHyz57OAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1YaJYZdyHAmD6X_3fOuWJvjivjKw%26client%3Dca-pub-4663753467999594%26adurl%3D
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e42df85ef9ea62befa0291770dc731af6998c672b61cd1e0ff1478f47e103a41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:34:59 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=8GnTmZbAYzd9tt7lowD_idcm_Kg2k1-l1WZ26MTrwMB3ntufu5Hf1Xygwh9VojcJqhrQLk_gYtWkBeL--jqcDnkf9ZGFFsdJhChzpMC1tiXK5m8xqmpWS86Pjd4BJmhcYzz85qpOZM_NTrYiRByIeqLk4qj4RHjeoADEF47yWntTqUUdZFpdKLmGIBIuKOmZJdmTUDSDiCyn682umTNZWwR0sOEA4Edm2RNg4OnbJ48Zu-0zJH4BXHQCtVBP6R2VA9UGmQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
42558446
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 0E13 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 22:31:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
14630
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Mar 2023 22:31:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 635D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51099
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Mar 2023 12:23:21 GMT
etag
48472445140208031
expires
Thu, 16 Mar 2023 12:23:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 0E13 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9161954861bb1fd7d5044d99f9ce04137b3836979ce8c5c75d224642f57c3f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 18:10:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
30268
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8559
x-xss-protection
0
server
cafe
etag
11326455550778179109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Mar 2023 18:10:32 GMT
l
www.google.com/ads/measurement/ Frame 0E13 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTEUoYCBy8l0dyig6Fvn3GLVrs23rgg69Ct-ntZQkN5GqyMFyWPPoEkxGQdMXZxYbtL_FiWMNo9e4M5EIL_G0XQHEoWvw
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0E13 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 10:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
575011
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 08 Mar 2024 10:51:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0E13 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Mar 2023 02:35:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 3F92 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?zjPBDw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
truncated
/ Frame 0E13 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
813845d3f42bbe1f946fbc0aaaf89d4fe7d0af303303612991ca095edae89300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 635D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECPd2fM973wE9XFfShjjkhU&google_cver=1&google_push=Aa02lx_f3OChJN7fTJmKCOijZjVvUD3c9JSdDko0DtaJWGzGZMN5HE2FxBu-k-JWHiNar-nFDJJvK52IqJSPVgRFfwpn...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECPd2fM973wE9XFfShjjkhU&google_cver=1&google_push=Aa02lx_f3OChJN7fTJmKCOijZjVvUD3c9JSdDko0DtaJWGzGZMN5HE2FxBu-k-JWHiNar-nFDJJvK52IqJSPVg...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_f3OChJN7fTJmKCOijZjVvUD3c9JSdDko0DtaJWGzGZMN5HE2FxBu-k-JWHiNar-nFDJJvK52IqJSPVgRFfwpniGCg3AygSQ&google_hm=61oV0SubRpeZ0qD2sK8LDA==
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_f3OChJN7fTJmKCOijZjVvUD3c9JSdDko0DtaJWGzGZMN5HE2FxBu-k-JWHiNar-nFDJJvK52IqJSPVgRFfwpniGCg3AygSQ&google_hm=61oV0SubRpeZ0qD2sK8LDA==
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_f3OChJN7fTJmKCOijZjVvUD3c9JSdDko0DtaJWGzGZMN5HE2FxBu-k-JWHiNar-nFDJJvK52IqJSPVgRFfwpniGCg3AygSQ&google_hm=61oV0SubRpeZ0qD2sK8LDA==
date
Thu, 16 Mar 2023 02:35:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
dds
rtb.openx.net/sync/ Frame 635D 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEJvT5cF-Q5DIMo9fe3K_BJY&google_cver=1&google_push=Aa02lx_d4seScUYqXOKMvIVqPpWICa7pFyICiKs3ZTsjgYvsJ67iHtj6G6cMd6GO5ygzC-K7_PLc3Yrxc6A2ObpTmXzttNjbN4_tKw
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:00 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
hbethg8l7s3bs7cvd62jhtrfudnc38or
pixel
cm.g.doubleclick.net/ Frame 635D
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEA13GUoJzYIDswM3hN9v4WI&google_cver=1&google_push=Aa02lx8L9UnYwsQXRHfNWnEKlSDKv3EQq72FG6VbxfdweOEpKf9ZymNb532vXbMeMlc8BS2E4_RFCjKA6ZMOy3h7...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8L9UnYwsQXRHfNWnEKlSDKv3EQq72FG6VbxfdweOEpKf9ZymNb532vXbMeMlc8BS2E4_RFCjKA6ZMOy3h7n6B-BqgcUqr39A
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8L9UnYwsQXRHfNWnEKlSDKv3EQq72FG6VbxfdweOEpKf9ZymNb532vXbMeMlc8BS2E4_RFCjKA6ZMOy3h7n6B-BqgcUqr39A
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 16 Mar 2023 02:35:00 GMT
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8L9UnYwsQXRHfNWnEKlSDKv3EQq72FG6VbxfdweOEpKf9ZymNb532vXbMeMlc8BS2E4_RFCjKA6ZMOy3h7n6B-BqgcUqr39A
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
YbRlV2uMhCrVI7SHxIORE22tzlygBEzzj5Gi3rxakPGQG2ktqhBS3g==
pixel
cm.g.doubleclick.net/ Frame 635D
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELCIdYS103sDN2VfOQLeTLw&google_cver=1&google_push=Aa02lx8pKubTrLlFzANyKP5U3G-hmbHbJfHMtHCFAX4dgaozE2nKx16YxXOm233ND9BRB7fgx-FrlCIBMH0L...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8pKubTrLlFzANyKP5U3G-hmbHbJfHMtHCFAX4dgaozE2nKx16YxXOm233ND9BRB7fgx-FrlCIBMH0L7G_qUTN1-empbJkLw8E
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8pKubTrLlFzANyKP5U3G-hmbHbJfHMtHCFAX4dgaozE2nKx16YxXOm233ND9BRB7fgx-FrlCIBMH0L7G_qUTN1-empbJkLw8E
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8pKubTrLlFzANyKP5U3G-hmbHbJfHMtHCFAX4dgaozE2nKx16YxXOm233ND9BRB7fgx-FrlCIBMH0L7G_qUTN1-empbJkLw8E
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 635D
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMSVKeEgIoh7bYWgrqk70WY&google_cver=1&google_push=Aa02lx_MwYmfirON7m_QaGRfTSuyxb-UCt7vEwL2osZp6n5zDK0llK4KcGmYR9Yvedwmziz_ihyY1XZvsL5xxT4nColUZEYdWE...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx_MwYmfirON7m_QaGRfTSuyxb-UCt7vEwL2osZp6n5zDK0llK4KcGmYR9Yvedwmziz_ihyY1XZvsL5xxT4nColUZEYdWEv...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NDIyMzk1MzA2MzIxMzE4Mjc5&google_push=Aa02lx_MwYmfirON7m_QaGRfTSuyxb-UCt7vEwL2osZp6n5zDK0llK4KcGmYR9Yv...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NDIyMzk1MzA2MzIxMzE4Mjc5&google_push=Aa02lx_MwYmfirON7m_QaGRfTSuyxb-UCt7vEwL2osZp6n5zDK0llK4KcGmYR9Yvedwmziz_ihyY1XZvsL5xxT4nColUZEYdWEv7OrQ
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NDIyMzk1MzA2MzIxMzE4Mjc5&google_push=Aa02lx_MwYmfirON7m_QaGRfTSuyxb-UCt7vEwL2osZp6n5zDK0llK4KcGmYR9Yvedwmziz_ihyY1XZvsL5xxT4nColUZEYdWEv7OrQ
date
Thu, 16 Mar 2023 02:35:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/match/ Frame 635D
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELCIdYS103sDN2VfOQLeTLw&google_cver=1&google_push=Aa02lx8trkjJr9NXmui917Nhy2GxM0hdQT3oyMhEzJX5jDcuBAjBQKd8oGig9aAEA3jqTBdCMJa2ZpO39dL...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8trkjJr9NXmui917Nhy2GxM0hdQT3oyMhEzJX5jDcuBAjBQKd8oGig9aAEA3jqTBdCMJa2ZpO39dLn8HcOw1eTogsWlA1uUCE
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 635D
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEAxtwdx1oFb2jbY0G_bNhys&google_cver=1&google_push=Aa02lx9QrAEvdr53e...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEAxtwdx1oFb2jbY0G_bNhys%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzY1NzQ5MTg1OTMwOTk0MjQ4NA%3D%3D&google_gid=CAESEAxtwdx1oFb2jbY0G_bNhys&google_cver=1&google_push=Aa02lx9QrAEvdr53ePovcHQ6DyCLexyCuT...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzY1NzQ5MTg1OTMwOTk0MjQ4NA%3D%3D&google_gid=CAESEAxtwdx1oFb2jbY0G_bNhys&google_cver=1&google_push=Aa02lx9QrAEvdr53ePovcHQ6DyCLexyCuTTR7dGyXAGVniTSl5RY2pbxWnNqVNEmy0ZAV6Y2GO0Y7rHuOugR9v7dGnKvEKdLScch5ynJ
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 16 Mar 2023 02:35:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.141; 185.213.155.141; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
18c80199-525e-41a2-a3c3-9c8fb1754095
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzY1NzQ5MTg1OTMwOTk0MjQ4NA%3D%3D&google_gid=CAESEAxtwdx1oFb2jbY0G_bNhys&google_cver=1&google_push=Aa02lx9QrAEvdr53ePovcHQ6DyCLexyCuTTR7dGyXAGVniTSl5RY2pbxWnNqVNEmy0ZAV6Y2GO0Y7rHuOugR9v7dGnKvEKdLScch5ynJ
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 635D 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IC7fmHqmjXRr0c4OhCIYd9tRAwj7nlaf2ACiJVlnUVBnwOWrz0t0FiZqhi_rfDcUFPRBIlOJM
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame 990D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAUwANXiAK3qLNAA3gfkwLdVizVn9gd2pzKw&u=%7CuWCZiUy7qD%2FouEjlkhyXhB4%2B9MTr%2FywVV6%2Fl90EPonU%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5ah415E2MEw3gENqPGRConXrdVx33HLPhrr7NhQkrGZs8bvaE_-cw6AHWJEBL6ruujjnee_mlAbTgMLghQ8fJhyr6Z1TH11uRb-4R8adOPKv6GzGtYYEZ6HRiY0hw6y3yOY3uIXrxh3yqDDp0vSPHHFWddFNJ-_X9tteYhnl1zksxS1rLK2H8x-CrTQ_O0k2dyPc62n9SSVLVPYfXmE6mnf2rpXz-2SEB-UL8cebwdkQCEVUVIJmR2lmxeNxDiBZYFlcF9aeJ70-FPp_uzlDkSYHz6FHmIeT2jf4uMvJd5VuyD1b-3uEfnavcVG0WSjmr1Ru_rNdb9nN86IHpo3fxV__RyvE4yrOgUTdYnDbAglQq5gB8QjM4rswGiBPF2DbuAXL8AaEeL9Y0ovYtzjwJNxaEaCJuI-Q7WC1ULN2Z_b2wtsotqrDdfBbLHv5BpMB4uPcStpdr6nZmyJXFuq56sCzOLSXlBNxnsPMnP9_jlaJBwO1mOhPNq7C1y59m_GKDUmooQZweisbmJEY0cDA8usiN4zlqbiVq186-LmEci8Pd-dLrqYFKTGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOcbEU4ASZKC8Nc3F-gb-wLeICMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDY2Mzc1MzQ2Nzk5OTU5NMgBCakCAOdnHn-_sT7gAgCoAwGqBPoBT9DQmMnuoq3muaVA4bxM4gfBq7looj0SiKbJ9Q4uAogMtvrWKqP-ao0NsH3WMF58eVExlShXii2vumuD9hgKnjBAfXuPjDCnWuLZ9hFRAa_Ec9R5NT4CGAjaR5VHzKEU5rJiPjooqRlXSpP8b1wI_IqGkcb-6fNoHec-wOqowzcnkPqq0Jqbkx08s6gXwLMfyCpoN9HyLJ0U1LqVNHZMQTZjeuT4-jidd3LiJeBputRTzmU07aqcF7khLAEYoST9aIR7Soy2ex6DhK6BvkBCnrXrPzyH-N4gGEaztCo3YW-MtkMVHxr9hRd9HlVGepQft7aHk3FUHyz57OAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1YaJYZdyHAmD6X_3fOuWJvjivjKw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Mar 2024 02:35:00 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 990D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAUwANXiAK3qLNAA3gfkwLdVizVn9gd2pzKw&u=%7CuWCZiUy7qD%2FouEjlkhyXhB4%2B9MTr%2FywVV6%2Fl90EPonU%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5ah415E2MEw3gENqPGRConXrdVx33HLPhrr7NhQkrGZs8bvaE_-cw6AHWJEBL6ruujjnee_mlAbTgMLghQ8fJhyr6Z1TH11uRb-4R8adOPKv6GzGtYYEZ6HRiY0hw6y3yOY3uIXrxh3yqDDp0vSPHHFWddFNJ-_X9tteYhnl1zksxS1rLK2H8x-CrTQ_O0k2dyPc62n9SSVLVPYfXmE6mnf2rpXz-2SEB-UL8cebwdkQCEVUVIJmR2lmxeNxDiBZYFlcF9aeJ70-FPp_uzlDkSYHz6FHmIeT2jf4uMvJd5VuyD1b-3uEfnavcVG0WSjmr1Ru_rNdb9nN86IHpo3fxV__RyvE4yrOgUTdYnDbAglQq5gB8QjM4rswGiBPF2DbuAXL8AaEeL9Y0ovYtzjwJNxaEaCJuI-Q7WC1ULN2Z_b2wtsotqrDdfBbLHv5BpMB4uPcStpdr6nZmyJXFuq56sCzOLSXlBNxnsPMnP9_jlaJBwO1mOhPNq7C1y59m_GKDUmooQZweisbmJEY0cDA8usiN4zlqbiVq186-LmEci8Pd-dLrqYFKTGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOcbEU4ASZKC8Nc3F-gb-wLeICMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDY2Mzc1MzQ2Nzk5OTU5NMgBCakCAOdnHn-_sT7gAgCoAwGqBPoBT9DQmMnuoq3muaVA4bxM4gfBq7looj0SiKbJ9Q4uAogMtvrWKqP-ao0NsH3WMF58eVExlShXii2vumuD9hgKnjBAfXuPjDCnWuLZ9hFRAa_Ec9R5NT4CGAjaR5VHzKEU5rJiPjooqRlXSpP8b1wI_IqGkcb-6fNoHec-wOqowzcnkPqq0Jqbkx08s6gXwLMfyCpoN9HyLJ0U1LqVNHZMQTZjeuT4-jidd3LiJeBputRTzmU07aqcF7khLAEYoST9aIR7Soy2ex6DhK6BvkBCnrXrPzyH-N4gGEaztCo3YW-MtkMVHxr9hRd9HlVGepQft7aHk3FUHyz57OAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1YaJYZdyHAmD6X_3fOuWJvjivjKw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Mar 2024 02:35:00 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 990D 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAUwANXiAK3qLNAA3gfkwLdVizVn9gd2pzKw&u=%7CuWCZiUy7qD%2FouEjlkhyXhB4%2B9MTr%2FywVV6%2Fl90EPonU%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5ah415E2MEw3gENqPGRConXrdVx33HLPhrr7NhQkrGZs8bvaE_-cw6AHWJEBL6ruujjnee_mlAbTgMLghQ8fJhyr6Z1TH11uRb-4R8adOPKv6GzGtYYEZ6HRiY0hw6y3yOY3uIXrxh3yqDDp0vSPHHFWddFNJ-_X9tteYhnl1zksxS1rLK2H8x-CrTQ_O0k2dyPc62n9SSVLVPYfXmE6mnf2rpXz-2SEB-UL8cebwdkQCEVUVIJmR2lmxeNxDiBZYFlcF9aeJ70-FPp_uzlDkSYHz6FHmIeT2jf4uMvJd5VuyD1b-3uEfnavcVG0WSjmr1Ru_rNdb9nN86IHpo3fxV__RyvE4yrOgUTdYnDbAglQq5gB8QjM4rswGiBPF2DbuAXL8AaEeL9Y0ovYtzjwJNxaEaCJuI-Q7WC1ULN2Z_b2wtsotqrDdfBbLHv5BpMB4uPcStpdr6nZmyJXFuq56sCzOLSXlBNxnsPMnP9_jlaJBwO1mOhPNq7C1y59m_GKDUmooQZweisbmJEY0cDA8usiN4zlqbiVq186-LmEci8Pd-dLrqYFKTGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOcbEU4ASZKC8Nc3F-gb-wLeICMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDY2Mzc1MzQ2Nzk5OTU5NMgBCakCAOdnHn-_sT7gAgCoAwGqBPoBT9DQmMnuoq3muaVA4bxM4gfBq7looj0SiKbJ9Q4uAogMtvrWKqP-ao0NsH3WMF58eVExlShXii2vumuD9hgKnjBAfXuPjDCnWuLZ9hFRAa_Ec9R5NT4CGAjaR5VHzKEU5rJiPjooqRlXSpP8b1wI_IqGkcb-6fNoHec-wOqowzcnkPqq0Jqbkx08s6gXwLMfyCpoN9HyLJ0U1LqVNHZMQTZjeuT4-jidd3LiJeBputRTzmU07aqcF7khLAEYoST9aIR7Soy2ex6DhK6BvkBCnrXrPzyH-N4gGEaztCo3YW-MtkMVHxr9hRd9HlVGepQft7aHk3FUHyz57OAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1YaJYZdyHAmD6X_3fOuWJvjivjKw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 10 Mar 2024 02:35:00 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 990D 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAUwANXiAK3qLNAA3gfkwLdVizVn9gd2pzKw&u=%7CuWCZiUy7qD%2FouEjlkhyXhB4%2B9MTr%2FywVV6%2Fl90EPonU%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5ah415E2MEw3gENqPGRConXrdVx33HLPhrr7NhQkrGZs8bvaE_-cw6AHWJEBL6ruujjnee_mlAbTgMLghQ8fJhyr6Z1TH11uRb-4R8adOPKv6GzGtYYEZ6HRiY0hw6y3yOY3uIXrxh3yqDDp0vSPHHFWddFNJ-_X9tteYhnl1zksxS1rLK2H8x-CrTQ_O0k2dyPc62n9SSVLVPYfXmE6mnf2rpXz-2SEB-UL8cebwdkQCEVUVIJmR2lmxeNxDiBZYFlcF9aeJ70-FPp_uzlDkSYHz6FHmIeT2jf4uMvJd5VuyD1b-3uEfnavcVG0WSjmr1Ru_rNdb9nN86IHpo3fxV__RyvE4yrOgUTdYnDbAglQq5gB8QjM4rswGiBPF2DbuAXL8AaEeL9Y0ovYtzjwJNxaEaCJuI-Q7WC1ULN2Z_b2wtsotqrDdfBbLHv5BpMB4uPcStpdr6nZmyJXFuq56sCzOLSXlBNxnsPMnP9_jlaJBwO1mOhPNq7C1y59m_GKDUmooQZweisbmJEY0cDA8usiN4zlqbiVq186-LmEci8Pd-dLrqYFKTGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOcbEU4ASZKC8Nc3F-gb-wLeICMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDY2Mzc1MzQ2Nzk5OTU5NMgBCakCAOdnHn-_sT7gAgCoAwGqBPoBT9DQmMnuoq3muaVA4bxM4gfBq7looj0SiKbJ9Q4uAogMtvrWKqP-ao0NsH3WMF58eVExlShXii2vumuD9hgKnjBAfXuPjDCnWuLZ9hFRAa_Ec9R5NT4CGAjaR5VHzKEU5rJiPjooqRlXSpP8b1wI_IqGkcb-6fNoHec-wOqowzcnkPqq0Jqbkx08s6gXwLMfyCpoN9HyLJ0U1LqVNHZMQTZjeuT4-jidd3LiJeBputRTzmU07aqcF7khLAEYoST9aIR7Soy2ex6DhK6BvkBCnrXrPzyH-N4gGEaztCo3YW-MtkMVHxr9hRd9HlVGepQft7aHk3FUHyz57OAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1YaJYZdyHAmD6X_3fOuWJvjivjKw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 10 Mar 2024 02:35:00 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 990D 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ASZhAA3Ty_gC4fw7O8cojJNXl2K6Yh3KFPStNmk1U-Wo8xPtFplRdZhzRRfbRrNcLvRaGksktFufuK5_9myPUdSia6oAZaoSrZuL0v841u6bGCuaK2WgWxLev4gl2gRePAVwd85H6qYtKOaLwFDwy5RZvgkOqM5EzRJbqDG5GwhVJ2hqFAf9FFbXn6l7QR4dYu9RLRoldHx_N1rKGS7dbKL_4Q3gQVAygG2m6XxTyT17cRklyuW30djH9nINRFPaGpuuD7yf9tQ1OOXz02259QJPMho7S6_cjXei0foMh4ukhn-YRxkZVTZh7PfQQn8VsRoefbI2tPPAJsHXmO6x91tC94Pv7mEB591ZmsT4CzmDsxLwnD19_MR2gf-R0SJhUEPEfTkVVpPkq5_Yvd9n7YVE15opCSLbNSPUw_r9XNqJoP0PoBGiQjPnF7WU6Brk3o5tJg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAUwANXiAK3qLNAA3gfkwLdVizVn9gd2pzKw&u=%7CuWCZiUy7qD%2FouEjlkhyXhB4%2B9MTr%2FywVV6%2Fl90EPonU%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5ah415E2MEw3gENqPGRConXrdVx33HLPhrr7NhQkrGZs8bvaE_-cw6AHWJEBL6ruujjnee_mlAbTgMLghQ8fJhyr6Z1TH11uRb-4R8adOPKv6GzGtYYEZ6HRiY0hw6y3yOY3uIXrxh3yqDDp0vSPHHFWddFNJ-_X9tteYhnl1zksxS1rLK2H8x-CrTQ_O0k2dyPc62n9SSVLVPYfXmE6mnf2rpXz-2SEB-UL8cebwdkQCEVUVIJmR2lmxeNxDiBZYFlcF9aeJ70-FPp_uzlDkSYHz6FHmIeT2jf4uMvJd5VuyD1b-3uEfnavcVG0WSjmr1Ru_rNdb9nN86IHpo3fxV__RyvE4yrOgUTdYnDbAglQq5gB8QjM4rswGiBPF2DbuAXL8AaEeL9Y0ovYtzjwJNxaEaCJuI-Q7WC1ULN2Z_b2wtsotqrDdfBbLHv5BpMB4uPcStpdr6nZmyJXFuq56sCzOLSXlBNxnsPMnP9_jlaJBwO1mOhPNq7C1y59m_GKDUmooQZweisbmJEY0cDA8usiN4zlqbiVq186-LmEci8Pd-dLrqYFKTGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOcbEU4ASZKC8Nc3F-gb-wLeICMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDY2Mzc1MzQ2Nzk5OTU5NMgBCakCAOdnHn-_sT7gAgCoAwGqBPoBT9DQmMnuoq3muaVA4bxM4gfBq7looj0SiKbJ9Q4uAogMtvrWKqP-ao0NsH3WMF58eVExlShXii2vumuD9hgKnjBAfXuPjDCnWuLZ9hFRAa_Ec9R5NT4CGAjaR5VHzKEU5rJiPjooqRlXSpP8b1wI_IqGkcb-6fNoHec-wOqowzcnkPqq0Jqbkx08s6gXwLMfyCpoN9HyLJ0U1LqVNHZMQTZjeuT4-jidd3LiJeBputRTzmU07aqcF7khLAEYoST9aIR7Soy2ex6DhK6BvkBCnrXrPzyH-N4gGEaztCo3YW-MtkMVHxr9hRd9HlVGepQft7aHk3FUHyz57OAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1YaJYZdyHAmD6X_3fOuWJvjivjKw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1706260
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 990D 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAUwANXiAK3qLNAA3gfkwLdVizVn9gd2pzKw&u=%7CuWCZiUy7qD%2FouEjlkhyXhB4%2B9MTr%2FywVV6%2Fl90EPonU%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5ah415E2MEw3gENqPGRConXrdVx33HLPhrr7NhQkrGZs8bvaE_-cw6AHWJEBL6ruujjnee_mlAbTgMLghQ8fJhyr6Z1TH11uRb-4R8adOPKv6GzGtYYEZ6HRiY0hw6y3yOY3uIXrxh3yqDDp0vSPHHFWddFNJ-_X9tteYhnl1zksxS1rLK2H8x-CrTQ_O0k2dyPc62n9SSVLVPYfXmE6mnf2rpXz-2SEB-UL8cebwdkQCEVUVIJmR2lmxeNxDiBZYFlcF9aeJ70-FPp_uzlDkSYHz6FHmIeT2jf4uMvJd5VuyD1b-3uEfnavcVG0WSjmr1Ru_rNdb9nN86IHpo3fxV__RyvE4yrOgUTdYnDbAglQq5gB8QjM4rswGiBPF2DbuAXL8AaEeL9Y0ovYtzjwJNxaEaCJuI-Q7WC1ULN2Z_b2wtsotqrDdfBbLHv5BpMB4uPcStpdr6nZmyJXFuq56sCzOLSXlBNxnsPMnP9_jlaJBwO1mOhPNq7C1y59m_GKDUmooQZweisbmJEY0cDA8usiN4zlqbiVq186-LmEci8Pd-dLrqYFKTGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOcbEU4ASZKC8Nc3F-gb-wLeICMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDY2Mzc1MzQ2Nzk5OTU5NMgBCakCAOdnHn-_sT7gAgCoAwGqBPoBT9DQmMnuoq3muaVA4bxM4gfBq7looj0SiKbJ9Q4uAogMtvrWKqP-ao0NsH3WMF58eVExlShXii2vumuD9hgKnjBAfXuPjDCnWuLZ9hFRAa_Ec9R5NT4CGAjaR5VHzKEU5rJiPjooqRlXSpP8b1wI_IqGkcb-6fNoHec-wOqowzcnkPqq0Jqbkx08s6gXwLMfyCpoN9HyLJ0U1LqVNHZMQTZjeuT4-jidd3LiJeBputRTzmU07aqcF7khLAEYoST9aIR7Soy2ex6DhK6BvkBCnrXrPzyH-N4gGEaztCo3YW-MtkMVHxr9hRd9HlVGepQft7aHk3FUHyz57OAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1YaJYZdyHAmD6X_3fOuWJvjivjKw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
533532
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIBjcKwNtChZ%2Bz9FNKLXrULuYUqR3ZVq2cZg%2Bu8XXjagTZLv3jBz1FBgQqNhmKcOxfzga7w0z0RzyEmj5Btp7HIEnjUBoN%2B2xtc1THxX17Cxg4RyVkNuB4ikFui4vIK1lasT1%2BYD71roD%2FJ8mvGb5Enf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7a8999b04aaa9b4f-FRA
expires
Tue, 05 Mar 2024 02:35:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 990D 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAUwANXiAK3qLNAA3gfkwLdVizVn9gd2pzKw&u=%7CuWCZiUy7qD%2FouEjlkhyXhB4%2B9MTr%2FywVV6%2Fl90EPonU%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5ah415E2MEw3gENqPGRConXrdVx33HLPhrr7NhQkrGZs8bvaE_-cw6AHWJEBL6ruujjnee_mlAbTgMLghQ8fJhyr6Z1TH11uRb-4R8adOPKv6GzGtYYEZ6HRiY0hw6y3yOY3uIXrxh3yqDDp0vSPHHFWddFNJ-_X9tteYhnl1zksxS1rLK2H8x-CrTQ_O0k2dyPc62n9SSVLVPYfXmE6mnf2rpXz-2SEB-UL8cebwdkQCEVUVIJmR2lmxeNxDiBZYFlcF9aeJ70-FPp_uzlDkSYHz6FHmIeT2jf4uMvJd5VuyD1b-3uEfnavcVG0WSjmr1Ru_rNdb9nN86IHpo3fxV__RyvE4yrOgUTdYnDbAglQq5gB8QjM4rswGiBPF2DbuAXL8AaEeL9Y0ovYtzjwJNxaEaCJuI-Q7WC1ULN2Z_b2wtsotqrDdfBbLHv5BpMB4uPcStpdr6nZmyJXFuq56sCzOLSXlBNxnsPMnP9_jlaJBwO1mOhPNq7C1y59m_GKDUmooQZweisbmJEY0cDA8usiN4zlqbiVq186-LmEci8Pd-dLrqYFKTGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOcbEU4ASZKC8Nc3F-gb-wLeICMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDY2Mzc1MzQ2Nzk5OTU5NMgBCakCAOdnHn-_sT7gAgCoAwGqBPoBT9DQmMnuoq3muaVA4bxM4gfBq7looj0SiKbJ9Q4uAogMtvrWKqP-ao0NsH3WMF58eVExlShXii2vumuD9hgKnjBAfXuPjDCnWuLZ9hFRAa_Ec9R5NT4CGAjaR5VHzKEU5rJiPjooqRlXSpP8b1wI_IqGkcb-6fNoHec-wOqowzcnkPqq0Jqbkx08s6gXwLMfyCpoN9HyLJ0U1LqVNHZMQTZjeuT4-jidd3LiJeBputRTzmU07aqcF7khLAEYoST9aIR7Soy2ex6DhK6BvkBCnrXrPzyH-N4gGEaztCo3YW-MtkMVHxr9hRd9HlVGepQft7aHk3FUHyz57OAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1YaJYZdyHAmD6X_3fOuWJvjivjKw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Mar 2024 02:35:00 GMT
bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame 990D 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAUwANXiAK3qLNAA3gfkwLdVizVn9gd2pzKw&u=%7CuWCZiUy7qD%2FouEjlkhyXhB4%2B9MTr%2FywVV6%2Fl90EPonU%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5ah415E2MEw3gENqPGRConXrdVx33HLPhrr7NhQkrGZs8bvaE_-cw6AHWJEBL6ruujjnee_mlAbTgMLghQ8fJhyr6Z1TH11uRb-4R8adOPKv6GzGtYYEZ6HRiY0hw6y3yOY3uIXrxh3yqDDp0vSPHHFWddFNJ-_X9tteYhnl1zksxS1rLK2H8x-CrTQ_O0k2dyPc62n9SSVLVPYfXmE6mnf2rpXz-2SEB-UL8cebwdkQCEVUVIJmR2lmxeNxDiBZYFlcF9aeJ70-FPp_uzlDkSYHz6FHmIeT2jf4uMvJd5VuyD1b-3uEfnavcVG0WSjmr1Ru_rNdb9nN86IHpo3fxV__RyvE4yrOgUTdYnDbAglQq5gB8QjM4rswGiBPF2DbuAXL8AaEeL9Y0ovYtzjwJNxaEaCJuI-Q7WC1ULN2Z_b2wtsotqrDdfBbLHv5BpMB4uPcStpdr6nZmyJXFuq56sCzOLSXlBNxnsPMnP9_jlaJBwO1mOhPNq7C1y59m_GKDUmooQZweisbmJEY0cDA8usiN4zlqbiVq186-LmEci8Pd-dLrqYFKTGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOcbEU4ASZKC8Nc3F-gb-wLeICMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDY2Mzc1MzQ2Nzk5OTU5NMgBCakCAOdnHn-_sT7gAgCoAwGqBPoBT9DQmMnuoq3muaVA4bxM4gfBq7looj0SiKbJ9Q4uAogMtvrWKqP-ao0NsH3WMF58eVExlShXii2vumuD9hgKnjBAfXuPjDCnWuLZ9hFRAa_Ec9R5NT4CGAjaR5VHzKEU5rJiPjooqRlXSpP8b1wI_IqGkcb-6fNoHec-wOqowzcnkPqq0Jqbkx08s6gXwLMfyCpoN9HyLJ0U1LqVNHZMQTZjeuT4-jidd3LiJeBputRTzmU07aqcF7khLAEYoST9aIR7Soy2ex6DhK6BvkBCnrXrPzyH-N4gGEaztCo3YW-MtkMVHxr9hRd9HlVGepQft7aHk3FUHyz57OAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1YaJYZdyHAmD6X_3fOuWJvjivjKw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 05 Feb 2020 10:30:18 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e3a993a-de74"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Mar 2024 02:35:00 GMT
img
pix.eu.criteo.net/img/ Frame 990D 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F83d32fcc-3557-478b-91e7-b29c5ddd5970_a126c953-90d7-4ab5-ab7e-21473d328ec8.jpg%2F1280x960.jpg&v=3&w=400&s=rqG08ZqjwT66r1qIbmgO9jN4&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAUwANXiAK3qLNAA3gfkwLdVizVn9gd2pzKw&u=%7CuWCZiUy7qD%2FouEjlkhyXhB4%2B9MTr%2FywVV6%2Fl90EPonU%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5ah415E2MEw3gENqPGRConXrdVx33HLPhrr7NhQkrGZs8bvaE_-cw6AHWJEBL6ruujjnee_mlAbTgMLghQ8fJhyr6Z1TH11uRb-4R8adOPKv6GzGtYYEZ6HRiY0hw6y3yOY3uIXrxh3yqDDp0vSPHHFWddFNJ-_X9tteYhnl1zksxS1rLK2H8x-CrTQ_O0k2dyPc62n9SSVLVPYfXmE6mnf2rpXz-2SEB-UL8cebwdkQCEVUVIJmR2lmxeNxDiBZYFlcF9aeJ70-FPp_uzlDkSYHz6FHmIeT2jf4uMvJd5VuyD1b-3uEfnavcVG0WSjmr1Ru_rNdb9nN86IHpo3fxV__RyvE4yrOgUTdYnDbAglQq5gB8QjM4rswGiBPF2DbuAXL8AaEeL9Y0ovYtzjwJNxaEaCJuI-Q7WC1ULN2Z_b2wtsotqrDdfBbLHv5BpMB4uPcStpdr6nZmyJXFuq56sCzOLSXlBNxnsPMnP9_jlaJBwO1mOhPNq7C1y59m_GKDUmooQZweisbmJEY0cDA8usiN4zlqbiVq186-LmEci8Pd-dLrqYFKTGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOcbEU4ASZKC8Nc3F-gb-wLeICMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDY2Mzc1MzQ2Nzk5OTU5NMgBCakCAOdnHn-_sT7gAgCoAwGqBPoBT9DQmMnuoq3muaVA4bxM4gfBq7looj0SiKbJ9Q4uAogMtvrWKqP-ao0NsH3WMF58eVExlShXii2vumuD9hgKnjBAfXuPjDCnWuLZ9hFRAa_Ec9R5NT4CGAjaR5VHzKEU5rJiPjooqRlXSpP8b1wI_IqGkcb-6fNoHec-wOqowzcnkPqq0Jqbkx08s6gXwLMfyCpoN9HyLJ0U1LqVNHZMQTZjeuT4-jidd3LiJeBputRTzmU07aqcF7khLAEYoST9aIR7Soy2ex6DhK6BvkBCnrXrPzyH-N4gGEaztCo3YW-MtkMVHxr9hRd9HlVGepQft7aHk3FUHyz57OAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1YaJYZdyHAmD6X_3fOuWJvjivjKw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
2c7c9de844651cf98bef2eddd7dbdd5655297e226a2e1c43d2db4750eb4d3166
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=540020
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
39002
expires
Wed, 22 Mar 2023 08:35:21 GMT
img
pix.eu.criteo.net/img/ Frame 990D 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F6b9e95c7-5a46-4ac1-a4df-cb02e3bb7f0a_e13b2467-cb53-4933-b386-f5c74b360e79.jpg%2F1280x960.jpg&v=3&w=400&s=rN_ffDs-1-YnOunSKZYFmoRt&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAUwANXiAK3qLNAA3gfkwLdVizVn9gd2pzKw&u=%7CuWCZiUy7qD%2FouEjlkhyXhB4%2B9MTr%2FywVV6%2Fl90EPonU%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5ah415E2MEw3gENqPGRConXrdVx33HLPhrr7NhQkrGZs8bvaE_-cw6AHWJEBL6ruujjnee_mlAbTgMLghQ8fJhyr6Z1TH11uRb-4R8adOPKv6GzGtYYEZ6HRiY0hw6y3yOY3uIXrxh3yqDDp0vSPHHFWddFNJ-_X9tteYhnl1zksxS1rLK2H8x-CrTQ_O0k2dyPc62n9SSVLVPYfXmE6mnf2rpXz-2SEB-UL8cebwdkQCEVUVIJmR2lmxeNxDiBZYFlcF9aeJ70-FPp_uzlDkSYHz6FHmIeT2jf4uMvJd5VuyD1b-3uEfnavcVG0WSjmr1Ru_rNdb9nN86IHpo3fxV__RyvE4yrOgUTdYnDbAglQq5gB8QjM4rswGiBPF2DbuAXL8AaEeL9Y0ovYtzjwJNxaEaCJuI-Q7WC1ULN2Z_b2wtsotqrDdfBbLHv5BpMB4uPcStpdr6nZmyJXFuq56sCzOLSXlBNxnsPMnP9_jlaJBwO1mOhPNq7C1y59m_GKDUmooQZweisbmJEY0cDA8usiN4zlqbiVq186-LmEci8Pd-dLrqYFKTGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOcbEU4ASZKC8Nc3F-gb-wLeICMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDY2Mzc1MzQ2Nzk5OTU5NMgBCakCAOdnHn-_sT7gAgCoAwGqBPoBT9DQmMnuoq3muaVA4bxM4gfBq7looj0SiKbJ9Q4uAogMtvrWKqP-ao0NsH3WMF58eVExlShXii2vumuD9hgKnjBAfXuPjDCnWuLZ9hFRAa_Ec9R5NT4CGAjaR5VHzKEU5rJiPjooqRlXSpP8b1wI_IqGkcb-6fNoHec-wOqowzcnkPqq0Jqbkx08s6gXwLMfyCpoN9HyLJ0U1LqVNHZMQTZjeuT4-jidd3LiJeBputRTzmU07aqcF7khLAEYoST9aIR7Soy2ex6DhK6BvkBCnrXrPzyH-N4gGEaztCo3YW-MtkMVHxr9hRd9HlVGepQft7aHk3FUHyz57OAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1YaJYZdyHAmD6X_3fOuWJvjivjKw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
f312cea10a700755cc0c5a7a471689e0f7ca9f8a0c09db43350838b499b79106
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=561375
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
35532
expires
Wed, 22 Mar 2023 14:31:15 GMT
img
pix.eu.criteo.net/img/ Frame 990D 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F9bdebedc-1324-4caf-a1fb-b03f7d768d4b_7f793a4c-49d5-4835-b4f4-14e2a0e9b094.jpg%2F1280x960.jpg&v=3&w=400&s=u8ROiINA3JddBvDX_RaWKfoz&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAUwANXiAK3qLNAA3gfkwLdVizVn9gd2pzKw&u=%7CuWCZiUy7qD%2FouEjlkhyXhB4%2B9MTr%2FywVV6%2Fl90EPonU%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5ah415E2MEw3gENqPGRConXrdVx33HLPhrr7NhQkrGZs8bvaE_-cw6AHWJEBL6ruujjnee_mlAbTgMLghQ8fJhyr6Z1TH11uRb-4R8adOPKv6GzGtYYEZ6HRiY0hw6y3yOY3uIXrxh3yqDDp0vSPHHFWddFNJ-_X9tteYhnl1zksxS1rLK2H8x-CrTQ_O0k2dyPc62n9SSVLVPYfXmE6mnf2rpXz-2SEB-UL8cebwdkQCEVUVIJmR2lmxeNxDiBZYFlcF9aeJ70-FPp_uzlDkSYHz6FHmIeT2jf4uMvJd5VuyD1b-3uEfnavcVG0WSjmr1Ru_rNdb9nN86IHpo3fxV__RyvE4yrOgUTdYnDbAglQq5gB8QjM4rswGiBPF2DbuAXL8AaEeL9Y0ovYtzjwJNxaEaCJuI-Q7WC1ULN2Z_b2wtsotqrDdfBbLHv5BpMB4uPcStpdr6nZmyJXFuq56sCzOLSXlBNxnsPMnP9_jlaJBwO1mOhPNq7C1y59m_GKDUmooQZweisbmJEY0cDA8usiN4zlqbiVq186-LmEci8Pd-dLrqYFKTGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOcbEU4ASZKC8Nc3F-gb-wLeICMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDY2Mzc1MzQ2Nzk5OTU5NMgBCakCAOdnHn-_sT7gAgCoAwGqBPoBT9DQmMnuoq3muaVA4bxM4gfBq7looj0SiKbJ9Q4uAogMtvrWKqP-ao0NsH3WMF58eVExlShXii2vumuD9hgKnjBAfXuPjDCnWuLZ9hFRAa_Ec9R5NT4CGAjaR5VHzKEU5rJiPjooqRlXSpP8b1wI_IqGkcb-6fNoHec-wOqowzcnkPqq0Jqbkx08s6gXwLMfyCpoN9HyLJ0U1LqVNHZMQTZjeuT4-jidd3LiJeBputRTzmU07aqcF7khLAEYoST9aIR7Soy2ex6DhK6BvkBCnrXrPzyH-N4gGEaztCo3YW-MtkMVHxr9hRd9HlVGepQft7aHk3FUHyz57OAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1YaJYZdyHAmD6X_3fOuWJvjivjKw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
bcce350016351558ba10c39c15813b3f57d79bd01072dd7a064745175a208994
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1155138
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
26714
expires
Wed, 29 Mar 2023 11:27:18 GMT
img
pix.eu.criteo.net/img/ Frame 990D 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F3b100d53-451e-48f3-a766-f09a4df351dc_ea9a9ae9-4b4f-433c-ae40-409e2ac5819f.jpg%2F1280x960.jpg&v=3&w=400&s=J-KkyFEhtvM4exnWKvChbY7g&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAUwANXiAK3qLNAA3gfkwLdVizVn9gd2pzKw&u=%7CuWCZiUy7qD%2FouEjlkhyXhB4%2B9MTr%2FywVV6%2Fl90EPonU%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5ah415E2MEw3gENqPGRConXrdVx33HLPhrr7NhQkrGZs8bvaE_-cw6AHWJEBL6ruujjnee_mlAbTgMLghQ8fJhyr6Z1TH11uRb-4R8adOPKv6GzGtYYEZ6HRiY0hw6y3yOY3uIXrxh3yqDDp0vSPHHFWddFNJ-_X9tteYhnl1zksxS1rLK2H8x-CrTQ_O0k2dyPc62n9SSVLVPYfXmE6mnf2rpXz-2SEB-UL8cebwdkQCEVUVIJmR2lmxeNxDiBZYFlcF9aeJ70-FPp_uzlDkSYHz6FHmIeT2jf4uMvJd5VuyD1b-3uEfnavcVG0WSjmr1Ru_rNdb9nN86IHpo3fxV__RyvE4yrOgUTdYnDbAglQq5gB8QjM4rswGiBPF2DbuAXL8AaEeL9Y0ovYtzjwJNxaEaCJuI-Q7WC1ULN2Z_b2wtsotqrDdfBbLHv5BpMB4uPcStpdr6nZmyJXFuq56sCzOLSXlBNxnsPMnP9_jlaJBwO1mOhPNq7C1y59m_GKDUmooQZweisbmJEY0cDA8usiN4zlqbiVq186-LmEci8Pd-dLrqYFKTGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOcbEU4ASZKC8Nc3F-gb-wLeICMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDY2Mzc1MzQ2Nzk5OTU5NMgBCakCAOdnHn-_sT7gAgCoAwGqBPoBT9DQmMnuoq3muaVA4bxM4gfBq7looj0SiKbJ9Q4uAogMtvrWKqP-ao0NsH3WMF58eVExlShXii2vumuD9hgKnjBAfXuPjDCnWuLZ9hFRAa_Ec9R5NT4CGAjaR5VHzKEU5rJiPjooqRlXSpP8b1wI_IqGkcb-6fNoHec-wOqowzcnkPqq0Jqbkx08s6gXwLMfyCpoN9HyLJ0U1LqVNHZMQTZjeuT4-jidd3LiJeBputRTzmU07aqcF7khLAEYoST9aIR7Soy2ex6DhK6BvkBCnrXrPzyH-N4gGEaztCo3YW-MtkMVHxr9hRd9HlVGepQft7aHk3FUHyz57OAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1YaJYZdyHAmD6X_3fOuWJvjivjKw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
aed8e3888fc7201072fc8d5d05ffd6aa4ee86ceae974c6f755963a5077548472
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=541274
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32844
expires
Wed, 22 Mar 2023 08:56:14 GMT
img
pix.eu.criteo.net/img/ Frame 990D 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fc67efc99-4c6e-4111-9cd3-cdd78742c13c_c1a8c2c7-fde9-48b5-94a0-d74b7929d25f.jpg%2F1280x960.jpg&v=3&w=400&s=_iVDy2YvnRvxPAMOo4Nks8iZ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAUwANXiAK3qLNAA3gfkwLdVizVn9gd2pzKw&u=%7CuWCZiUy7qD%2FouEjlkhyXhB4%2B9MTr%2FywVV6%2Fl90EPonU%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5ah415E2MEw3gENqPGRConXrdVx33HLPhrr7NhQkrGZs8bvaE_-cw6AHWJEBL6ruujjnee_mlAbTgMLghQ8fJhyr6Z1TH11uRb-4R8adOPKv6GzGtYYEZ6HRiY0hw6y3yOY3uIXrxh3yqDDp0vSPHHFWddFNJ-_X9tteYhnl1zksxS1rLK2H8x-CrTQ_O0k2dyPc62n9SSVLVPYfXmE6mnf2rpXz-2SEB-UL8cebwdkQCEVUVIJmR2lmxeNxDiBZYFlcF9aeJ70-FPp_uzlDkSYHz6FHmIeT2jf4uMvJd5VuyD1b-3uEfnavcVG0WSjmr1Ru_rNdb9nN86IHpo3fxV__RyvE4yrOgUTdYnDbAglQq5gB8QjM4rswGiBPF2DbuAXL8AaEeL9Y0ovYtzjwJNxaEaCJuI-Q7WC1ULN2Z_b2wtsotqrDdfBbLHv5BpMB4uPcStpdr6nZmyJXFuq56sCzOLSXlBNxnsPMnP9_jlaJBwO1mOhPNq7C1y59m_GKDUmooQZweisbmJEY0cDA8usiN4zlqbiVq186-LmEci8Pd-dLrqYFKTGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOcbEU4ASZKC8Nc3F-gb-wLeICMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDY2Mzc1MzQ2Nzk5OTU5NMgBCakCAOdnHn-_sT7gAgCoAwGqBPoBT9DQmMnuoq3muaVA4bxM4gfBq7looj0SiKbJ9Q4uAogMtvrWKqP-ao0NsH3WMF58eVExlShXii2vumuD9hgKnjBAfXuPjDCnWuLZ9hFRAa_Ec9R5NT4CGAjaR5VHzKEU5rJiPjooqRlXSpP8b1wI_IqGkcb-6fNoHec-wOqowzcnkPqq0Jqbkx08s6gXwLMfyCpoN9HyLJ0U1LqVNHZMQTZjeuT4-jidd3LiJeBputRTzmU07aqcF7khLAEYoST9aIR7Soy2ex6DhK6BvkBCnrXrPzyH-N4gGEaztCo3YW-MtkMVHxr9hRd9HlVGepQft7aHk3FUHyz57OAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1YaJYZdyHAmD6X_3fOuWJvjivjKw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
aaac4a435c2ad3240cb7d250a9bd3395261f4529a6f429d1d27628d030caa91b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:59 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=729412
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
30560
expires
Fri, 24 Mar 2023 13:11:52 GMT
img
pix.eu.criteo.net/img/ Frame 990D 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F0d37489e-2e2c-4c85-b980-4ef75b6ad078_1a37162f-3393-4117-9434-01579750c358.jpg%2F1280x960.jpg&v=3&w=400&s=iJU52xaQAuqgP-1eWsuMpD_Y&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAUwANXiAK3qLNAA3gfkwLdVizVn9gd2pzKw&u=%7CuWCZiUy7qD%2FouEjlkhyXhB4%2B9MTr%2FywVV6%2Fl90EPonU%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5ah415E2MEw3gENqPGRConXrdVx33HLPhrr7NhQkrGZs8bvaE_-cw6AHWJEBL6ruujjnee_mlAbTgMLghQ8fJhyr6Z1TH11uRb-4R8adOPKv6GzGtYYEZ6HRiY0hw6y3yOY3uIXrxh3yqDDp0vSPHHFWddFNJ-_X9tteYhnl1zksxS1rLK2H8x-CrTQ_O0k2dyPc62n9SSVLVPYfXmE6mnf2rpXz-2SEB-UL8cebwdkQCEVUVIJmR2lmxeNxDiBZYFlcF9aeJ70-FPp_uzlDkSYHz6FHmIeT2jf4uMvJd5VuyD1b-3uEfnavcVG0WSjmr1Ru_rNdb9nN86IHpo3fxV__RyvE4yrOgUTdYnDbAglQq5gB8QjM4rswGiBPF2DbuAXL8AaEeL9Y0ovYtzjwJNxaEaCJuI-Q7WC1ULN2Z_b2wtsotqrDdfBbLHv5BpMB4uPcStpdr6nZmyJXFuq56sCzOLSXlBNxnsPMnP9_jlaJBwO1mOhPNq7C1y59m_GKDUmooQZweisbmJEY0cDA8usiN4zlqbiVq186-LmEci8Pd-dLrqYFKTGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOcbEU4ASZKC8Nc3F-gb-wLeICMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDY2Mzc1MzQ2Nzk5OTU5NMgBCakCAOdnHn-_sT7gAgCoAwGqBPoBT9DQmMnuoq3muaVA4bxM4gfBq7looj0SiKbJ9Q4uAogMtvrWKqP-ao0NsH3WMF58eVExlShXii2vumuD9hgKnjBAfXuPjDCnWuLZ9hFRAa_Ec9R5NT4CGAjaR5VHzKEU5rJiPjooqRlXSpP8b1wI_IqGkcb-6fNoHec-wOqowzcnkPqq0Jqbkx08s6gXwLMfyCpoN9HyLJ0U1LqVNHZMQTZjeuT4-jidd3LiJeBputRTzmU07aqcF7khLAEYoST9aIR7Soy2ex6DhK6BvkBCnrXrPzyH-N4gGEaztCo3YW-MtkMVHxr9hRd9HlVGepQft7aHk3FUHyz57OAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1YaJYZdyHAmD6X_3fOuWJvjivjKw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
071e56fe3f3967f8312341ae975d3e716a31d2fb1dea8b8a12adbcb644ea0baf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:59 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=540005
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
35666
expires
Wed, 22 Mar 2023 08:35:05 GMT
img
pix.eu.criteo.net/img/ Frame 990D 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F8ef89797-6a3b-40a2-b06d-60056c7ecaa1_ee00922e-1873-40b3-99a0-b89a43556cd5.jpg%2F1280x960.jpg&v=3&w=400&s=eIHa7obbd7Ji4scAv1QZF1Kg&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAUwANXiAK3qLNAA3gfkwLdVizVn9gd2pzKw&u=%7CuWCZiUy7qD%2FouEjlkhyXhB4%2B9MTr%2FywVV6%2Fl90EPonU%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5ah415E2MEw3gENqPGRConXrdVx33HLPhrr7NhQkrGZs8bvaE_-cw6AHWJEBL6ruujjnee_mlAbTgMLghQ8fJhyr6Z1TH11uRb-4R8adOPKv6GzGtYYEZ6HRiY0hw6y3yOY3uIXrxh3yqDDp0vSPHHFWddFNJ-_X9tteYhnl1zksxS1rLK2H8x-CrTQ_O0k2dyPc62n9SSVLVPYfXmE6mnf2rpXz-2SEB-UL8cebwdkQCEVUVIJmR2lmxeNxDiBZYFlcF9aeJ70-FPp_uzlDkSYHz6FHmIeT2jf4uMvJd5VuyD1b-3uEfnavcVG0WSjmr1Ru_rNdb9nN86IHpo3fxV__RyvE4yrOgUTdYnDbAglQq5gB8QjM4rswGiBPF2DbuAXL8AaEeL9Y0ovYtzjwJNxaEaCJuI-Q7WC1ULN2Z_b2wtsotqrDdfBbLHv5BpMB4uPcStpdr6nZmyJXFuq56sCzOLSXlBNxnsPMnP9_jlaJBwO1mOhPNq7C1y59m_GKDUmooQZweisbmJEY0cDA8usiN4zlqbiVq186-LmEci8Pd-dLrqYFKTGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOcbEU4ASZKC8Nc3F-gb-wLeICMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDY2Mzc1MzQ2Nzk5OTU5NMgBCakCAOdnHn-_sT7gAgCoAwGqBPoBT9DQmMnuoq3muaVA4bxM4gfBq7looj0SiKbJ9Q4uAogMtvrWKqP-ao0NsH3WMF58eVExlShXii2vumuD9hgKnjBAfXuPjDCnWuLZ9hFRAa_Ec9R5NT4CGAjaR5VHzKEU5rJiPjooqRlXSpP8b1wI_IqGkcb-6fNoHec-wOqowzcnkPqq0Jqbkx08s6gXwLMfyCpoN9HyLJ0U1LqVNHZMQTZjeuT4-jidd3LiJeBputRTzmU07aqcF7khLAEYoST9aIR7Soy2ex6DhK6BvkBCnrXrPzyH-N4gGEaztCo3YW-MtkMVHxr9hRd9HlVGepQft7aHk3FUHyz57OAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1YaJYZdyHAmD6X_3fOuWJvjivjKw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
8d06096e18b07b7e8f8ae4e5ee75d62d857b039bcb4e2eec077526815170bc74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=540006
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
26720
expires
Wed, 22 Mar 2023 08:35:07 GMT
all
csm.eu.criteo.net/ Frame 990D 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=8GnTmZbAYzd9tt7lowD_idcm_Kg2k1-l1WZ26MTrwMB3ntufu5Hf1Xygwh9VojcJqhrQLk_gYtWkBeL--jqcDnkf9ZGFFsdJhChzpMC1tiXK5m8xqmpWS86Pjd4BJmhcYzz85qpOZM_NTrYiRByIeqLk4qj4RHjeoADEF47yWntTqUUdZFpdKLmGIBIuKOmZJdmTUDSDiCyn682umTNZWwR0sOEA4Edm2RNg4OnbJ48Zu-0zJH4BXHQCtVBP6R2VA9UGmQ&sds=2&rev=85089&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAUwANXiAK3qLNAA3gfkwLdVizVn9gd2pzKw&u=%7CuWCZiUy7qD%2FouEjlkhyXhB4%2B9MTr%2FywVV6%2Fl90EPonU%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5ah415E2MEw3gENqPGRConXrdVx33HLPhrr7NhQkrGZs8bvaE_-cw6AHWJEBL6ruujjnee_mlAbTgMLghQ8fJhyr6Z1TH11uRb-4R8adOPKv6GzGtYYEZ6HRiY0hw6y3yOY3uIXrxh3yqDDp0vSPHHFWddFNJ-_X9tteYhnl1zksxS1rLK2H8x-CrTQ_O0k2dyPc62n9SSVLVPYfXmE6mnf2rpXz-2SEB-UL8cebwdkQCEVUVIJmR2lmxeNxDiBZYFlcF9aeJ70-FPp_uzlDkSYHz6FHmIeT2jf4uMvJd5VuyD1b-3uEfnavcVG0WSjmr1Ru_rNdb9nN86IHpo3fxV__RyvE4yrOgUTdYnDbAglQq5gB8QjM4rswGiBPF2DbuAXL8AaEeL9Y0ovYtzjwJNxaEaCJuI-Q7WC1ULN2Z_b2wtsotqrDdfBbLHv5BpMB4uPcStpdr6nZmyJXFuq56sCzOLSXlBNxnsPMnP9_jlaJBwO1mOhPNq7C1y59m_GKDUmooQZweisbmJEY0cDA8usiN4zlqbiVq186-LmEci8Pd-dLrqYFKTGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOcbEU4ASZKC8Nc3F-gb-wLeICMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDY2Mzc1MzQ2Nzk5OTU5NMgBCakCAOdnHn-_sT7gAgCoAwGqBPoBT9DQmMnuoq3muaVA4bxM4gfBq7looj0SiKbJ9Q4uAogMtvrWKqP-ao0NsH3WMF58eVExlShXii2vumuD9hgKnjBAfXuPjDCnWuLZ9hFRAa_Ec9R5NT4CGAjaR5VHzKEU5rJiPjooqRlXSpP8b1wI_IqGkcb-6fNoHec-wOqowzcnkPqq0Jqbkx08s6gXwLMfyCpoN9HyLJ0U1LqVNHZMQTZjeuT4-jidd3LiJeBputRTzmU07aqcF7khLAEYoST9aIR7Soy2ex6DhK6BvkBCnrXrPzyH-N4gGEaztCo3YW-MtkMVHxr9hRd9HlVGepQft7aHk3FUHyz57OAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1YaJYZdyHAmD6X_3fOuWJvjivjKw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 990D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAUwANXiAK3qLNAA3gfkwLdVizVn9gd2pzKw&u=%7CuWCZiUy7qD%2FouEjlkhyXhB4%2B9MTr%2FywVV6%2Fl90EPonU%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5ah415E2MEw3gENqPGRConXrdVx33HLPhrr7NhQkrGZs8bvaE_-cw6AHWJEBL6ruujjnee_mlAbTgMLghQ8fJhyr6Z1TH11uRb-4R8adOPKv6GzGtYYEZ6HRiY0hw6y3yOY3uIXrxh3yqDDp0vSPHHFWddFNJ-_X9tteYhnl1zksxS1rLK2H8x-CrTQ_O0k2dyPc62n9SSVLVPYfXmE6mnf2rpXz-2SEB-UL8cebwdkQCEVUVIJmR2lmxeNxDiBZYFlcF9aeJ70-FPp_uzlDkSYHz6FHmIeT2jf4uMvJd5VuyD1b-3uEfnavcVG0WSjmr1Ru_rNdb9nN86IHpo3fxV__RyvE4yrOgUTdYnDbAglQq5gB8QjM4rswGiBPF2DbuAXL8AaEeL9Y0ovYtzjwJNxaEaCJuI-Q7WC1ULN2Z_b2wtsotqrDdfBbLHv5BpMB4uPcStpdr6nZmyJXFuq56sCzOLSXlBNxnsPMnP9_jlaJBwO1mOhPNq7C1y59m_GKDUmooQZweisbmJEY0cDA8usiN4zlqbiVq186-LmEci8Pd-dLrqYFKTGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOcbEU4ASZKC8Nc3F-gb-wLeICMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDY2Mzc1MzQ2Nzk5OTU5NMgBCakCAOdnHn-_sT7gAgCoAwGqBPoBT9DQmMnuoq3muaVA4bxM4gfBq7looj0SiKbJ9Q4uAogMtvrWKqP-ao0NsH3WMF58eVExlShXii2vumuD9hgKnjBAfXuPjDCnWuLZ9hFRAa_Ec9R5NT4CGAjaR5VHzKEU5rJiPjooqRlXSpP8b1wI_IqGkcb-6fNoHec-wOqowzcnkPqq0Jqbkx08s6gXwLMfyCpoN9HyLJ0U1LqVNHZMQTZjeuT4-jidd3LiJeBputRTzmU07aqcF7khLAEYoST9aIR7Soy2ex6DhK6BvkBCnrXrPzyH-N4gGEaztCo3YW-MtkMVHxr9hRd9HlVGepQft7aHk3FUHyz57OAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1YaJYZdyHAmD6X_3fOuWJvjivjKw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Mar 2024 02:35:00 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 990D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAUwANXiAK3qLNAA3gfkwLdVizVn9gd2pzKw&u=%7CuWCZiUy7qD%2FouEjlkhyXhB4%2B9MTr%2FywVV6%2Fl90EPonU%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5ah415E2MEw3gENqPGRConXrdVx33HLPhrr7NhQkrGZs8bvaE_-cw6AHWJEBL6ruujjnee_mlAbTgMLghQ8fJhyr6Z1TH11uRb-4R8adOPKv6GzGtYYEZ6HRiY0hw6y3yOY3uIXrxh3yqDDp0vSPHHFWddFNJ-_X9tteYhnl1zksxS1rLK2H8x-CrTQ_O0k2dyPc62n9SSVLVPYfXmE6mnf2rpXz-2SEB-UL8cebwdkQCEVUVIJmR2lmxeNxDiBZYFlcF9aeJ70-FPp_uzlDkSYHz6FHmIeT2jf4uMvJd5VuyD1b-3uEfnavcVG0WSjmr1Ru_rNdb9nN86IHpo3fxV__RyvE4yrOgUTdYnDbAglQq5gB8QjM4rswGiBPF2DbuAXL8AaEeL9Y0ovYtzjwJNxaEaCJuI-Q7WC1ULN2Z_b2wtsotqrDdfBbLHv5BpMB4uPcStpdr6nZmyJXFuq56sCzOLSXlBNxnsPMnP9_jlaJBwO1mOhPNq7C1y59m_GKDUmooQZweisbmJEY0cDA8usiN4zlqbiVq186-LmEci8Pd-dLrqYFKTGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOcbEU4ASZKC8Nc3F-gb-wLeICMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDY2Mzc1MzQ2Nzk5OTU5NMgBCakCAOdnHn-_sT7gAgCoAwGqBPoBT9DQmMnuoq3muaVA4bxM4gfBq7looj0SiKbJ9Q4uAogMtvrWKqP-ao0NsH3WMF58eVExlShXii2vumuD9hgKnjBAfXuPjDCnWuLZ9hFRAa_Ec9R5NT4CGAjaR5VHzKEU5rJiPjooqRlXSpP8b1wI_IqGkcb-6fNoHec-wOqowzcnkPqq0Jqbkx08s6gXwLMfyCpoN9HyLJ0U1LqVNHZMQTZjeuT4-jidd3LiJeBputRTzmU07aqcF7khLAEYoST9aIR7Soy2ex6DhK6BvkBCnrXrPzyH-N4gGEaztCo3YW-MtkMVHxr9hRd9HlVGepQft7aHk3FUHyz57OAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1YaJYZdyHAmD6X_3fOuWJvjivjKw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Mar 2024 02:35:00 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
937 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1678934100566&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1507&pt=-1799574963&tz=0&viewable=true&ddast=V7VG8CFgPW4ebAeYgwoQTW4ebAeYgwoQUAAAAGBvQHJGbxWCyuicUt8syWa9HMZlxLHJORWzlZ7WaWxcgw8q2MQGIWj8XimljcIs9suRbNbMa1xDEZuZWT1W5mWYwMI9_KChzGcpkMaoGEZfb7DkK-22UQFV1vi93hNHveUIGm0-Fz3euVntPfZdf43XaJ5S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4Dsrw8J5fdHwAAAAAgAAAAACQAA_a1JQAVa3Un__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0Mr5SafGw-4bkQFwkWMAAAAAHKrNxuPJnVCZVH1___fbwVwBQAQYIhexGORpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEmHri0oK64EjVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwOQZar1WAymcwOAAAA4O7___9fD0R2G49xsVoMRibHZDIaroYTx2hk3MxMjsXI5Nxs71g3-J-zVQSlz0NYZr_vIOS7XQZR0fW22B1Os-cgPmgYlpNBML8JW4xWk8lmOZwtF5PBcDQcjfY3EIvFACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcY22s1sk9Fa5LLY3KLFaLiWOHybtWbkWEwmy-XGNFisRa-P6WLYGFYjwxYFA0T2InlapBORy2OabVbGmXE3mCw8ruVk5ZyYHMvdcuFZLlyOiViiOVmkE9llX9ltPMbFajEYmRyTyWi4Gk4co5FxMzM5FiOTc7Pv2Ea7mW0yWotcFptbtBgN1xKHb7PWjByLyWS53JgGi7Xo9TFdDBvDamTYN2a74XIzGixn-8ZsN1xuRoPlbN9hMj1Tn7NReNxqPD7FM3aTWW8Og8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-LbRW7Z3DZpL17G5IDYYFLFEcJFOVCan6W95eNZKz-lvEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_ceHGK7mksVmrlit5orRYpUAAAAAAAAAAJYwZ94EAAAA4DSQ1XI3W63zIEaDzW62Wi5AhJSp7s-xXMhZxi70LqMW-vwET0dQcePHDWVymv6Wh2et9Jz-VgaIkCpl3vyZINZqtawBAAAEsAEAAAK4dfMWmDrF_____8cBAADIyNEDAADQ7wNdwY9eK_TE8RfEYDTbDQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=8&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=1403765&dpubid=259765&abtst=nonrv_vA!prp_vC!prp_vC!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fistoe.com.br&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
53f294492662b2285c7ba665b7e1fa88407de3db2ba4bb7587e597842a59a531

Request headers

Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1470
x-cache
MISS
x-served-by
cache-fra-eddf8230115-FRA
pragma
no-cache
server
nginx
x-timer
S1678934101.566481,VS0,VE143
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://istoe.com.br
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
initcb
webservices.webspectator.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webservices.webspectator.com/initcb?appId=2739&vId=6BBC6A4BF298085C&dads=0&lts=0&nv=1&s=4771&res=1600x1200&c=1&l=en&r=&sr=&ts=1678934100593&rs=0&h=https%3A%2F%2Fistoe.com.br%2F&npv=1&ltsss=0&ltsvs=0
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/init?appId=CX7OAZHK&h=https%3A%2F%2Fistoe.com.br%2F&t=1678934099640
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.192.67.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-67-210.compute-1.amazonaws.com
Software
WildFly/10 / Undertow/1
Resource Hash
7af2743ea3709bf7a042f15fe8fe9e56b8fac5cbfac0f4163488d6fe124d0fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:00 GMT
Content-Encoding
gzip
Server
WildFly/10
X-Powered-By
Undertow/1
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=UTF-8
X-NoCache
true
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 GMT
container.html
3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B6A1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://istoe.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:34:59 GMT
expires
Fri, 15 Mar 2024 02:34:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
p.clarity.ms/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-sc/s/0.7.2/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://istoe.com.br
Date
Thu, 16 Mar 2023 02:35:00 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
adview
securepubads.g.doubleclick.net/pagead/ Frame B6A1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CoSEKVIASZOC5D8fkx_APlvy9uAPJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMByAMCqgSFAk_QHBV5yLa5wqDyMfm-ZjscAXbIm4kbUI_y-WZgy6gFcX4DN25SyJbeFTwEot0Tnria8TolQmj5VR6GJCTAuiDaoKM57HkkYD1V7jTnyccn1YMDl14NsWJK3MnwG4l3F2FEBzzrMGYELG11vu6vwsyOWsvXO4O_sKyHEzU67JVZrEJWrn1SCXpKKxiAjE-ngin4F8JagL86ko9s24O7RyLXUieRa2zvps0y0jm4qBEwGR6hUzY9UN40sxiwVE7e5vJg2FP0SqMYl6YaBeRn5McFq9TEa58HZIaXk7yWQlaS34MhfL92iRDuZ9E4ni1c9NhKAeuv4hII0lCMVlFXVPdZ1Gx2F-AEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NjYzNzUzNDY3OTk5NTk0GIewDg&sigh=sGnb51Woags&uach_m=[UACH]&cid=CAQSOwDUE5ymSA1bilSJjSLQce95NEW4E9krF_BpLu1jCUaJkxKaibVsbXfFxecpCL3ErjwqCTau7npWgcdLGAE
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame B6A1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kP79EuLBMMoH-gGdg2ICAgAAAHU6N8dud3yQEFOAEmRaSBQtMDpO2kfEAAASAAAKDkFRVUJBUVlCQVFFQkFR&wp=ZBKAVAAD3OAIEfJHAA9-Fl13UQfuy8fbJs0VWg
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
176894
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame C441 		149 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVAAD3OAIEfJHAA9-Fl13UQfuy8fbJs0VWg&u=%7CrBqHi6DA9DlhYDPnWGXsCORbq2qKSqNY3Pch%2F0Ow9jE%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5akJaCqlgW0l1Z8nIARLKiu92QefvKI7HuQ4HHw_rT1jfSENlurgkp1YrCeutHG4sfADuBXC9QTGKhsCgAUwiAzn8mIekejftBO8JQqyu7I3cuENusM8YmpDWFTDNLAhFXkubc8IQuq-xtpTQCX-IMzhed1aKACCWKmxbJXmqfNlEvliIAEW_eTC0laefqUUCwD2vnhWNWi8w_ZU_7OhIj5g7gYRxasctYCKglMRsRaVDy1QU4WqznHLRLOnZQC0A0cvbCQyGJSlVYgaXyB0NGsyY0LIZhuZPa9ewnaUScF8FzOUfyIuHn6SAfamK7qT4jallhsK2N0Xgc-qlw8OC0v7UGMTcECHwP565fbRzyrgmQW5CHtKCcv0BjGh6GfBjSeRIqjQvXNclgIF-cZ4QcYeF8juMn-yNxYrd6BNMeRKTTFiuuUQ3XQrIujPu99IXyrwz9je63LCJ4K73khib62RE93_96eIw3umACwzW-ZA2ZEOngyV19bGjut84cGNDDnPxDzUV1drx_eU3vFjmXj9CWrIfZPVRYtN34z4l49xz9lWRnxy47x0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSs0GVIASZOC5D8fkx_APlvy9uAPJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMByAMCqgSIAk_QHBV5yLa5wqDyMfm-ZjscAXbIm4kbUI_y-WZgy6gFcX4DN25SyJbeFTwEot0Tnria8TolQmj5VR6GJCTAuiDaoKM57HkkYD1V7jTnyccn1YMDl14NsWJK3MnwG4l3F2FEBzzrMGYELG11vu6vwsyOWsvXO4O_sKyHEzU67JVZrEJWrn1SCXpKKxiAjE-ngin4F8JagL86ko9s24O7RyLXUieRa2zvps0y0jm4qBEwGR6hUzY9UN40sxiwVE7e5vJg2FP0SqMYl6YaBeRn5McFq9TEa58HZIaXk7yWQlbQ3aKz-zDqmq9yc3Loo4uk_cxAt-GB-pC8Gm0qpO5JeO_cfuhlqDr_-eAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DFsJ9t4HclcN4W-y9GcYVadmMkw%26client%3Dca-pub-4663753467999594%26adurl%3D
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
af92a6ad63702d33b96422d43168bba36aed82c30ede0824bc4e84ce03119fc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:35:00 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=J9FBMpbAYzd9tt7lR6TEB9ptd_mDnG5eBo7Kj_TZ0xtMc_0XOUn3g6b9QQ49F-L52ayWrQo6_6FEfqcStrtcbqjacjg-1Yko3cbleGm1ONmI80ykDRc_G10wVXAoQw-sFE38jQ2IPlJYmEIyPdKWAZSrgu4OVUF1UEvmF8Oa1UPqpbSJG3FqWvq_cNF6DxcsLQtPPeE5cFoud1z9RR2v3qssPZiHLFewKhyfIPuOjWI2gCvQAYr8PRCQlAo2QeUIPTgazw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
41673875
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame B6A1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 22:31:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
14630
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Mar 2023 22:31:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2502 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51099
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Mar 2023 12:23:21 GMT
etag
48472445140208031
expires
Thu, 16 Mar 2023 12:23:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame B6A1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9161954861bb1fd7d5044d99f9ce04137b3836979ce8c5c75d224642f57c3f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 18:10:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
30268
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8559
x-xss-protection
0
server
cafe
etag
11326455550778179109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Mar 2023 18:10:32 GMT
l
www.google.com/ads/measurement/ Frame B6A1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTmm8KrcjiEf-3-GnAMe2oyuM7Lbwrw-qXelXNH9-zcqkLB41CpyfbXzQ9HYsIlsfX1P27Yt5ZlAiHHNvSD8QXCErhpKg
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B6A1 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 10:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
575011
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 08 Mar 2024 10:51:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B6A1 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Mar 2023 02:35:00 GMT
ortc-heartbeat1sec-min.js
wfpscripts.webspectator.com/ 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2739&vId=6BBC6A4BF298085C&dads=0&lts=0&nv=1&s=4771&res=1600x1200&c=1&l=en&r=&sr=&ts=1678934100593&rs=0&h=https%3A%2F%2Fistoe.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
80a6c8fd3fd83054bdd51a596217f806cec456cd5b176ec5e44a407201a82d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
gzip
last-modified
Wed, 30 Nov 2016 17:07:44 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"ae07ae40393a03d603b6341bf9f7f923"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=2592000
content-length
19153
x-amz-meta-s3b-last-modified
20161130T162538Z
retargetly_univ_2.js
wfpscripts.webspectator.com/third_party/ 		612 B
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/third_party/retargetly_univ_2.js
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2739&vId=6BBC6A4BF298085C&dads=0&lts=0&nv=1&s=4771&res=1600x1200&c=1&l=en&r=&sr=&ts=1678934100593&rs=0&h=https%3A%2F%2Fistoe.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
0d89ab019fdc4db07a89ba39546aa0ef86110eb0478c636a033e8ac5e5fb6acb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 20:05:54 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"302fb998d90e2452d81370c4e03fa940"
x-cache-status
MISS
content-type
application/javascript
content-length
394
swfobject.js
ajax.googleapis.com/ajax/libs/swfobject/2.2/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2739&vId=6BBC6A4BF298085C&dads=0&lts=0&nv=1&s=4771&res=1600x1200&c=1&l=en&r=&sr=&ts=1678934100593&rs=0&h=https%3A%2F%2Fistoe.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 02:22:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3974
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Mar 2024 02:22:38 GMT
ws-4.4.62.js
wfpscripts.webspectator.com/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-4.4.62.js
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2739&vId=6BBC6A4BF298085C&dads=0&lts=0&nv=1&s=4771&res=1600x1200&c=1&l=en&r=&sr=&ts=1678934100593&rs=0&h=https%3A%2F%2Fistoe.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
2e8fac6fa9527aaae83a3fc6200472418e1aa0cf42d9ed4422683e8e0192a861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
gzip
last-modified
Wed, 06 Mar 2019 17:07:49 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"4e7c8880fbc1b585c27bd698eb84469f"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=2592000
content-length
23796
truncated
/ Frame B6A1 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84df21d422039e1a24bdf909c7537c0a335cebed9b250f3134f360ea1ff208d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
current
dclk-match.dotomi.com/match/bounce/ Frame 2502 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAUAFVffT0SP5Xeyj7GMtlA&google_cver=1&google_push=Aa02lx9N_Flr2255rePXXqHAhHc4Y4daUQReZgK6xUm8qzr9SM1dAcbKNRNunMWUVg6Bm_6hgtTPOdWxo8ZRRSIWAFcpzDzlf9ew7W-1
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:00 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 2502
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEFmyTzcJEhLuqsQ7Ch-kiY0&google_cver=1&google_push=Aa02lx8klCZtiaBkjl1Bi7UklIGjUt_BTUANAwHh8u6kOw5PdEoRqHjjefs4VTxNQiPFkrw0qO_9xEVtE9RwXunLKU9f2-pDScOX3TnG
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8ACA06350D24CF5A364B7DEDB2460F0&google_push=Aa02lx8klCZtiaBkjl1Bi7UklIGjUt_BTUANAwHh8u6kOw5PdEoRqHjjefs4VTxNQiPFkrw0qO_9xEVtE9RwXun...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8ACA06350D24CF5A364B7DEDB2460F0&google_push=Aa02lx8klCZtiaBkjl1Bi7UklIGjUt_BTUANAwHh8u6kOw5PdEoRqHjjefs4VTxNQiPFkrw0qO_9xEVtE9RwXunLKU9f2-pDScOX3TnG
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8ACA06350D24CF5A364B7DEDB2460F0&google_push=Aa02lx8klCZtiaBkjl1Bi7UklIGjUt_BTUANAwHh8u6kOw5PdEoRqHjjefs4VTxNQiPFkrw0qO_9xEVtE9RwXunLKU9f2-pDScOX3TnG
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 15 Mar 2023 02:35:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2502
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEEpH1QRMm03x6LbmzZIfrMk&google_cver=1&google_push=Aa02lx_m64DqJGSWWDi60hzWmXb2qohTl0MZncT5RnNdAbs73gg1rgRzSmwSkXl25nqX1bGcTXbxoDEhL-BJT4Qn...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GAgVF0hATGSnbxIhnH0jiA2&google_push=Aa02lx_m64DqJGSWWDi60hzWmXb2qohTl0MZncT5RnNdAbs73gg1rgRzSmwSkXl25nqX1bGcTXbxoDEhL-BJT4QngoNy-WojGLZeQFeT
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GAgVF0hATGSnbxIhnH0jiA2&google_push=Aa02lx_m64DqJGSWWDi60hzWmXb2qohTl0MZncT5RnNdAbs73gg1rgRzSmwSkXl25nqX1bGcTXbxoDEhL-BJT4QngoNy-WojGLZeQFeT
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 16 Mar 2023 02:35:00 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GAgVF0hATGSnbxIhnH0jiA2&google_push=Aa02lx_m64DqJGSWWDi60hzWmXb2qohTl0MZncT5RnNdAbs73gg1rgRzSmwSkXl25nqX1bGcTXbxoDEhL-BJT4QngoNy-WojGLZeQFeT
x-host
tde-deliveryengine-production-86c874c4d8-tfs4b
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2502
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELMUqqtsQMJ9Wfm-v_c1QaU&google_cver=1&google_push=Aa02lx_a1Uhb_UkDnLkX9Cf3-OjfgizycOZx2G1cXMgkKz_J_uYCZecoHyZqC7scBJJ_kzuIbZfu9oED...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELMUqqtsQMJ9Wfm-v_c1QaU&google_cver=1&google_push=Aa02lx_a1Uhb_UkDnLkX9Cf3-OjfgizycOZx2G1cXMgkKz_J_uYCZecoHyZqC7scBJJ_kzuIbZf...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTI5NzMyMzM5Njg2NjMyNzE&google_push=Aa02lx_a1Uhb_UkDnLkX9Cf3-OjfgizycOZx2G1cXMgkKz_J_uYCZecoHyZqC7scBJJ_kzuIbZfu9oED4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTI5NzMyMzM5Njg2NjMyNzE&google_push=Aa02lx_a1Uhb_UkDnLkX9Cf3-OjfgizycOZx2G1cXMgkKz_J_uYCZecoHyZqC7scBJJ_kzuIbZfu9oED4Rx4cOz18w5RI1jJCK8XEsnm
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTI5NzMyMzM5Njg2NjMyNzE&google_push=Aa02lx_a1Uhb_UkDnLkX9Cf3-OjfgizycOZx2G1cXMgkKz_J_uYCZecoHyZqC7scBJJ_kzuIbZfu9oED4Rx4cOz18w5RI1jJCK8XEsnm
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 2502
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R2P-67vIS-uNSMH57vsZFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R2P-67vIS-uNSMH57vsZFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_Hfu0QQuBYD3LSa-2CJWoY4dg3zLeurb8iNRGKl3KOJZZjrMgpKBMRU3jO2x8AdS3R-4GtohNobwMYi3SXe6xibm12pQPhVaP-
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R2P-67vIS-uNSMH57vsZFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_Hfu0QQuBYD3LSa-2CJWoY4dg3zLeurb8iNRGKl3KOJZZjrMgpKBMRU3jO2x8AdS3R-4GtohNobwMYi3SXe6xibm12pQPhVaP-
date
Thu, 16 Mar 2023 02:35:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 2502
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFBQAtuAAn7L_-lcaVbXVOU&google_cver=1&google_push=Aa02lx-MkxuREHQyMTAqlnyEFuSEc0uB1gpij9dU1jwHYTJyhze76QX8OuxWagxL4aVK6d1v9E8TFQDDC5f6...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-MkxuREHQyMTAqlnyEFuSEc0uB1gpij9dU1jwHYTJyhze76QX8OuxWagxL4aVK6d1v9E8TFQDDC5f6eTC5aY3HUjx8kmkTHYL6
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-MkxuREHQyMTAqlnyEFuSEc0uB1gpij9dU1jwHYTJyhze76QX8OuxWagxL4aVK6d1v9E8TFQDDC5f6eTC5aY3HUjx8kmkTHYL6
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-MkxuREHQyMTAqlnyEFuSEc0uB1gpij9dU1jwHYTJyhze76QX8OuxWagxL4aVK6d1v9E8TFQDDC5f6eTC5aY3HUjx8kmkTHYL6
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 2502
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEM4LAigo7LUa4YUhJgEvDKM&google_cver=1&google_push=Aa02lx-74QNzWMTODNUJ28o6XyOBB-W-oIOPHsaURsDzITbJM5TUg-UfhNmurMypaXgeBZVUxK...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1lUDJSZ2VCRTJ1RU5aNHdkRHMxYzlUcS5CUjZ5NmVIMH5B&google_push=Aa02lx-74QNzWMTODNUJ28o6XyOBB-W-oIOPHsaURsDzITbJM5TUg-Ufh...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1lUDJSZ2VCRTJ1RU5aNHdkRHMxYzlUcS5CUjZ5NmVIMH5B&google_push=Aa02lx-74QNzWMTODNUJ28o6XyOBB-W-oIOPHsaURsDzITbJM5TUg-UfhNmurMypaXgeBZVUxKFyc-h9Gfx_PzPhlke8awxqvn2sB0xvlQ
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1lUDJSZ2VCRTJ1RU5aNHdkRHMxYzlUcS5CUjZ5NmVIMH5B&google_push=Aa02lx-74QNzWMTODNUJ28o6XyOBB-W-oIOPHsaURsDzITbJM5TUg-UfhNmurMypaXgeBZVUxKFyc-h9Gfx_PzPhlke8awxqvn2sB0xvlQ
date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 2502 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L0a1maJ6NLnlEmc674Z8KT-cYzg8jCdB-K9e00TbC5-aMlMpsigfmSW_KqdYyY4-F0N9kydg
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame C441 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVAAD3OAIEfJHAA9-Fl13UQfuy8fbJs0VWg&u=%7CrBqHi6DA9DlhYDPnWGXsCORbq2qKSqNY3Pch%2F0Ow9jE%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5akJaCqlgW0l1Z8nIARLKiu92QefvKI7HuQ4HHw_rT1jfSENlurgkp1YrCeutHG4sfADuBXC9QTGKhsCgAUwiAzn8mIekejftBO8JQqyu7I3cuENusM8YmpDWFTDNLAhFXkubc8IQuq-xtpTQCX-IMzhed1aKACCWKmxbJXmqfNlEvliIAEW_eTC0laefqUUCwD2vnhWNWi8w_ZU_7OhIj5g7gYRxasctYCKglMRsRaVDy1QU4WqznHLRLOnZQC0A0cvbCQyGJSlVYgaXyB0NGsyY0LIZhuZPa9ewnaUScF8FzOUfyIuHn6SAfamK7qT4jallhsK2N0Xgc-qlw8OC0v7UGMTcECHwP565fbRzyrgmQW5CHtKCcv0BjGh6GfBjSeRIqjQvXNclgIF-cZ4QcYeF8juMn-yNxYrd6BNMeRKTTFiuuUQ3XQrIujPu99IXyrwz9je63LCJ4K73khib62RE93_96eIw3umACwzW-ZA2ZEOngyV19bGjut84cGNDDnPxDzUV1drx_eU3vFjmXj9CWrIfZPVRYtN34z4l49xz9lWRnxy47x0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSs0GVIASZOC5D8fkx_APlvy9uAPJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMByAMCqgSIAk_QHBV5yLa5wqDyMfm-ZjscAXbIm4kbUI_y-WZgy6gFcX4DN25SyJbeFTwEot0Tnria8TolQmj5VR6GJCTAuiDaoKM57HkkYD1V7jTnyccn1YMDl14NsWJK3MnwG4l3F2FEBzzrMGYELG11vu6vwsyOWsvXO4O_sKyHEzU67JVZrEJWrn1SCXpKKxiAjE-ngin4F8JagL86ko9s24O7RyLXUieRa2zvps0y0jm4qBEwGR6hUzY9UN40sxiwVE7e5vJg2FP0SqMYl6YaBeRn5McFq9TEa58HZIaXk7yWQlbQ3aKz-zDqmq9yc3Loo4uk_cxAt-GB-pC8Gm0qpO5JeO_cfuhlqDr_-eAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DFsJ9t4HclcN4W-y9GcYVadmMkw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Mar 2024 02:35:00 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame C441 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVAAD3OAIEfJHAA9-Fl13UQfuy8fbJs0VWg&u=%7CrBqHi6DA9DlhYDPnWGXsCORbq2qKSqNY3Pch%2F0Ow9jE%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5akJaCqlgW0l1Z8nIARLKiu92QefvKI7HuQ4HHw_rT1jfSENlurgkp1YrCeutHG4sfADuBXC9QTGKhsCgAUwiAzn8mIekejftBO8JQqyu7I3cuENusM8YmpDWFTDNLAhFXkubc8IQuq-xtpTQCX-IMzhed1aKACCWKmxbJXmqfNlEvliIAEW_eTC0laefqUUCwD2vnhWNWi8w_ZU_7OhIj5g7gYRxasctYCKglMRsRaVDy1QU4WqznHLRLOnZQC0A0cvbCQyGJSlVYgaXyB0NGsyY0LIZhuZPa9ewnaUScF8FzOUfyIuHn6SAfamK7qT4jallhsK2N0Xgc-qlw8OC0v7UGMTcECHwP565fbRzyrgmQW5CHtKCcv0BjGh6GfBjSeRIqjQvXNclgIF-cZ4QcYeF8juMn-yNxYrd6BNMeRKTTFiuuUQ3XQrIujPu99IXyrwz9je63LCJ4K73khib62RE93_96eIw3umACwzW-ZA2ZEOngyV19bGjut84cGNDDnPxDzUV1drx_eU3vFjmXj9CWrIfZPVRYtN34z4l49xz9lWRnxy47x0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSs0GVIASZOC5D8fkx_APlvy9uAPJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMByAMCqgSIAk_QHBV5yLa5wqDyMfm-ZjscAXbIm4kbUI_y-WZgy6gFcX4DN25SyJbeFTwEot0Tnria8TolQmj5VR6GJCTAuiDaoKM57HkkYD1V7jTnyccn1YMDl14NsWJK3MnwG4l3F2FEBzzrMGYELG11vu6vwsyOWsvXO4O_sKyHEzU67JVZrEJWrn1SCXpKKxiAjE-ngin4F8JagL86ko9s24O7RyLXUieRa2zvps0y0jm4qBEwGR6hUzY9UN40sxiwVE7e5vJg2FP0SqMYl6YaBeRn5McFq9TEa58HZIaXk7yWQlbQ3aKz-zDqmq9yc3Loo4uk_cxAt-GB-pC8Gm0qpO5JeO_cfuhlqDr_-eAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DFsJ9t4HclcN4W-y9GcYVadmMkw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Mar 2024 02:35:00 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C441 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVAAD3OAIEfJHAA9-Fl13UQfuy8fbJs0VWg&u=%7CrBqHi6DA9DlhYDPnWGXsCORbq2qKSqNY3Pch%2F0Ow9jE%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5akJaCqlgW0l1Z8nIARLKiu92QefvKI7HuQ4HHw_rT1jfSENlurgkp1YrCeutHG4sfADuBXC9QTGKhsCgAUwiAzn8mIekejftBO8JQqyu7I3cuENusM8YmpDWFTDNLAhFXkubc8IQuq-xtpTQCX-IMzhed1aKACCWKmxbJXmqfNlEvliIAEW_eTC0laefqUUCwD2vnhWNWi8w_ZU_7OhIj5g7gYRxasctYCKglMRsRaVDy1QU4WqznHLRLOnZQC0A0cvbCQyGJSlVYgaXyB0NGsyY0LIZhuZPa9ewnaUScF8FzOUfyIuHn6SAfamK7qT4jallhsK2N0Xgc-qlw8OC0v7UGMTcECHwP565fbRzyrgmQW5CHtKCcv0BjGh6GfBjSeRIqjQvXNclgIF-cZ4QcYeF8juMn-yNxYrd6BNMeRKTTFiuuUQ3XQrIujPu99IXyrwz9je63LCJ4K73khib62RE93_96eIw3umACwzW-ZA2ZEOngyV19bGjut84cGNDDnPxDzUV1drx_eU3vFjmXj9CWrIfZPVRYtN34z4l49xz9lWRnxy47x0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSs0GVIASZOC5D8fkx_APlvy9uAPJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMByAMCqgSIAk_QHBV5yLa5wqDyMfm-ZjscAXbIm4kbUI_y-WZgy6gFcX4DN25SyJbeFTwEot0Tnria8TolQmj5VR6GJCTAuiDaoKM57HkkYD1V7jTnyccn1YMDl14NsWJK3MnwG4l3F2FEBzzrMGYELG11vu6vwsyOWsvXO4O_sKyHEzU67JVZrEJWrn1SCXpKKxiAjE-ngin4F8JagL86ko9s24O7RyLXUieRa2zvps0y0jm4qBEwGR6hUzY9UN40sxiwVE7e5vJg2FP0SqMYl6YaBeRn5McFq9TEa58HZIaXk7yWQlbQ3aKz-zDqmq9yc3Loo4uk_cxAt-GB-pC8Gm0qpO5JeO_cfuhlqDr_-eAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DFsJ9t4HclcN4W-y9GcYVadmMkw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 10 Mar 2024 02:35:00 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame C441 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVAAD3OAIEfJHAA9-Fl13UQfuy8fbJs0VWg&u=%7CrBqHi6DA9DlhYDPnWGXsCORbq2qKSqNY3Pch%2F0Ow9jE%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5akJaCqlgW0l1Z8nIARLKiu92QefvKI7HuQ4HHw_rT1jfSENlurgkp1YrCeutHG4sfADuBXC9QTGKhsCgAUwiAzn8mIekejftBO8JQqyu7I3cuENusM8YmpDWFTDNLAhFXkubc8IQuq-xtpTQCX-IMzhed1aKACCWKmxbJXmqfNlEvliIAEW_eTC0laefqUUCwD2vnhWNWi8w_ZU_7OhIj5g7gYRxasctYCKglMRsRaVDy1QU4WqznHLRLOnZQC0A0cvbCQyGJSlVYgaXyB0NGsyY0LIZhuZPa9ewnaUScF8FzOUfyIuHn6SAfamK7qT4jallhsK2N0Xgc-qlw8OC0v7UGMTcECHwP565fbRzyrgmQW5CHtKCcv0BjGh6GfBjSeRIqjQvXNclgIF-cZ4QcYeF8juMn-yNxYrd6BNMeRKTTFiuuUQ3XQrIujPu99IXyrwz9je63LCJ4K73khib62RE93_96eIw3umACwzW-ZA2ZEOngyV19bGjut84cGNDDnPxDzUV1drx_eU3vFjmXj9CWrIfZPVRYtN34z4l49xz9lWRnxy47x0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSs0GVIASZOC5D8fkx_APlvy9uAPJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMByAMCqgSIAk_QHBV5yLa5wqDyMfm-ZjscAXbIm4kbUI_y-WZgy6gFcX4DN25SyJbeFTwEot0Tnria8TolQmj5VR6GJCTAuiDaoKM57HkkYD1V7jTnyccn1YMDl14NsWJK3MnwG4l3F2FEBzzrMGYELG11vu6vwsyOWsvXO4O_sKyHEzU67JVZrEJWrn1SCXpKKxiAjE-ngin4F8JagL86ko9s24O7RyLXUieRa2zvps0y0jm4qBEwGR6hUzY9UN40sxiwVE7e5vJg2FP0SqMYl6YaBeRn5McFq9TEa58HZIaXk7yWQlbQ3aKz-zDqmq9yc3Loo4uk_cxAt-GB-pC8Gm0qpO5JeO_cfuhlqDr_-eAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DFsJ9t4HclcN4W-y9GcYVadmMkw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 10 Mar 2024 02:35:00 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame C441 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=bw5FwmJX4yU836fzqVANYDoZ1hMp0xCkNDfFLr3MZRj3JsOIa82AVN_Xx61NJyjdYN2EfaAe5qmg-MtAyPfAwoU24GpTTuZQUR3-e9ioQQoUk5BhNqEYvbAOR8n-iBYiYJfZB-m90ANNrS3_RIdSuFU76rNX_X4OLx3OH_c4DmoNL15cZy959aevmAkDgYK4_rEMsq9xMCVrsVeFzP3tpbnsl9B69Zgr9459LRajcMKWlB4VJNdRkberzADqkyBB5mYrbIX3PQlSChACFjmjGpITF7czm6mKfGiKWd7Md_BbTTJSQUgcXBaLvhpCs7HvKoThulLZaJ8gSHmy_Hkpc0hxjBoDq1srpP_YQTEm49PHAkCWYiM4PgLkc18s9jgZdoZEr5yBVpJzkmm4v-l__97V5oHX3NrBPa5TY7SFHGCuOEF25vI7lyg3OaPWdE1iZgoKAQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVAAD3OAIEfJHAA9-Fl13UQfuy8fbJs0VWg&u=%7CrBqHi6DA9DlhYDPnWGXsCORbq2qKSqNY3Pch%2F0Ow9jE%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5akJaCqlgW0l1Z8nIARLKiu92QefvKI7HuQ4HHw_rT1jfSENlurgkp1YrCeutHG4sfADuBXC9QTGKhsCgAUwiAzn8mIekejftBO8JQqyu7I3cuENusM8YmpDWFTDNLAhFXkubc8IQuq-xtpTQCX-IMzhed1aKACCWKmxbJXmqfNlEvliIAEW_eTC0laefqUUCwD2vnhWNWi8w_ZU_7OhIj5g7gYRxasctYCKglMRsRaVDy1QU4WqznHLRLOnZQC0A0cvbCQyGJSlVYgaXyB0NGsyY0LIZhuZPa9ewnaUScF8FzOUfyIuHn6SAfamK7qT4jallhsK2N0Xgc-qlw8OC0v7UGMTcECHwP565fbRzyrgmQW5CHtKCcv0BjGh6GfBjSeRIqjQvXNclgIF-cZ4QcYeF8juMn-yNxYrd6BNMeRKTTFiuuUQ3XQrIujPu99IXyrwz9je63LCJ4K73khib62RE93_96eIw3umACwzW-ZA2ZEOngyV19bGjut84cGNDDnPxDzUV1drx_eU3vFjmXj9CWrIfZPVRYtN34z4l49xz9lWRnxy47x0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSs0GVIASZOC5D8fkx_APlvy9uAPJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMByAMCqgSIAk_QHBV5yLa5wqDyMfm-ZjscAXbIm4kbUI_y-WZgy6gFcX4DN25SyJbeFTwEot0Tnria8TolQmj5VR6GJCTAuiDaoKM57HkkYD1V7jTnyccn1YMDl14NsWJK3MnwG4l3F2FEBzzrMGYELG11vu6vwsyOWsvXO4O_sKyHEzU67JVZrEJWrn1SCXpKKxiAjE-ngin4F8JagL86ko9s24O7RyLXUieRa2zvps0y0jm4qBEwGR6hUzY9UN40sxiwVE7e5vJg2FP0SqMYl6YaBeRn5McFq9TEa58HZIaXk7yWQlbQ3aKz-zDqmq9yc3Loo4uk_cxAt-GB-pC8Gm0qpO5JeO_cfuhlqDr_-eAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DFsJ9t4HclcN4W-y9GcYVadmMkw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1749195
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C441 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVAAD3OAIEfJHAA9-Fl13UQfuy8fbJs0VWg&u=%7CrBqHi6DA9DlhYDPnWGXsCORbq2qKSqNY3Pch%2F0Ow9jE%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5akJaCqlgW0l1Z8nIARLKiu92QefvKI7HuQ4HHw_rT1jfSENlurgkp1YrCeutHG4sfADuBXC9QTGKhsCgAUwiAzn8mIekejftBO8JQqyu7I3cuENusM8YmpDWFTDNLAhFXkubc8IQuq-xtpTQCX-IMzhed1aKACCWKmxbJXmqfNlEvliIAEW_eTC0laefqUUCwD2vnhWNWi8w_ZU_7OhIj5g7gYRxasctYCKglMRsRaVDy1QU4WqznHLRLOnZQC0A0cvbCQyGJSlVYgaXyB0NGsyY0LIZhuZPa9ewnaUScF8FzOUfyIuHn6SAfamK7qT4jallhsK2N0Xgc-qlw8OC0v7UGMTcECHwP565fbRzyrgmQW5CHtKCcv0BjGh6GfBjSeRIqjQvXNclgIF-cZ4QcYeF8juMn-yNxYrd6BNMeRKTTFiuuUQ3XQrIujPu99IXyrwz9je63LCJ4K73khib62RE93_96eIw3umACwzW-ZA2ZEOngyV19bGjut84cGNDDnPxDzUV1drx_eU3vFjmXj9CWrIfZPVRYtN34z4l49xz9lWRnxy47x0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSs0GVIASZOC5D8fkx_APlvy9uAPJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMByAMCqgSIAk_QHBV5yLa5wqDyMfm-ZjscAXbIm4kbUI_y-WZgy6gFcX4DN25SyJbeFTwEot0Tnria8TolQmj5VR6GJCTAuiDaoKM57HkkYD1V7jTnyccn1YMDl14NsWJK3MnwG4l3F2FEBzzrMGYELG11vu6vwsyOWsvXO4O_sKyHEzU67JVZrEJWrn1SCXpKKxiAjE-ngin4F8JagL86ko9s24O7RyLXUieRa2zvps0y0jm4qBEwGR6hUzY9UN40sxiwVE7e5vJg2FP0SqMYl6YaBeRn5McFq9TEa58HZIaXk7yWQlbQ3aKz-zDqmq9yc3Loo4uk_cxAt-GB-pC8Gm0qpO5JeO_cfuhlqDr_-eAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DFsJ9t4HclcN4W-y9GcYVadmMkw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
533532
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dOeigteDYc52zXLFhqFQDp5Dqrx%2FRkBDk3ehfcnGxALBZnDjX4rvWM6OwvQ6tKfp3woD7BoK%2BH7TNhNDI%2FKUjbCHiYfkN0zEz4TKnRm%2BDGjONiI2xXcoh1TYO%2Fl%2BhQKOlha9vN7niPDz9VL42YeisJZY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7a8999b1cb929b4f-FRA
expires
Tue, 05 Mar 2024 02:35:00 GMT
animejs.js
static.criteo.net/animejs/ Frame C441 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVAAD3OAIEfJHAA9-Fl13UQfuy8fbJs0VWg&u=%7CrBqHi6DA9DlhYDPnWGXsCORbq2qKSqNY3Pch%2F0Ow9jE%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5akJaCqlgW0l1Z8nIARLKiu92QefvKI7HuQ4HHw_rT1jfSENlurgkp1YrCeutHG4sfADuBXC9QTGKhsCgAUwiAzn8mIekejftBO8JQqyu7I3cuENusM8YmpDWFTDNLAhFXkubc8IQuq-xtpTQCX-IMzhed1aKACCWKmxbJXmqfNlEvliIAEW_eTC0laefqUUCwD2vnhWNWi8w_ZU_7OhIj5g7gYRxasctYCKglMRsRaVDy1QU4WqznHLRLOnZQC0A0cvbCQyGJSlVYgaXyB0NGsyY0LIZhuZPa9ewnaUScF8FzOUfyIuHn6SAfamK7qT4jallhsK2N0Xgc-qlw8OC0v7UGMTcECHwP565fbRzyrgmQW5CHtKCcv0BjGh6GfBjSeRIqjQvXNclgIF-cZ4QcYeF8juMn-yNxYrd6BNMeRKTTFiuuUQ3XQrIujPu99IXyrwz9je63LCJ4K73khib62RE93_96eIw3umACwzW-ZA2ZEOngyV19bGjut84cGNDDnPxDzUV1drx_eU3vFjmXj9CWrIfZPVRYtN34z4l49xz9lWRnxy47x0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSs0GVIASZOC5D8fkx_APlvy9uAPJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMByAMCqgSIAk_QHBV5yLa5wqDyMfm-ZjscAXbIm4kbUI_y-WZgy6gFcX4DN25SyJbeFTwEot0Tnria8TolQmj5VR6GJCTAuiDaoKM57HkkYD1V7jTnyccn1YMDl14NsWJK3MnwG4l3F2FEBzzrMGYELG11vu6vwsyOWsvXO4O_sKyHEzU67JVZrEJWrn1SCXpKKxiAjE-ngin4F8JagL86ko9s24O7RyLXUieRa2zvps0y0jm4qBEwGR6hUzY9UN40sxiwVE7e5vJg2FP0SqMYl6YaBeRn5McFq9TEa58HZIaXk7yWQlbQ3aKz-zDqmq9yc3Loo4uk_cxAt-GB-pC8Gm0qpO5JeO_cfuhlqDr_-eAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DFsJ9t4HclcN4W-y9GcYVadmMkw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Mar 2024 02:35:00 GMT
9af63da692984f7884d89dad36906685_makeitsans-bold.woff
static.criteo.net/design/dt/ Frame C441 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/9af63da692984f7884d89dad36906685_makeitsans-bold.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVAAD3OAIEfJHAA9-Fl13UQfuy8fbJs0VWg&u=%7CrBqHi6DA9DlhYDPnWGXsCORbq2qKSqNY3Pch%2F0Ow9jE%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5akJaCqlgW0l1Z8nIARLKiu92QefvKI7HuQ4HHw_rT1jfSENlurgkp1YrCeutHG4sfADuBXC9QTGKhsCgAUwiAzn8mIekejftBO8JQqyu7I3cuENusM8YmpDWFTDNLAhFXkubc8IQuq-xtpTQCX-IMzhed1aKACCWKmxbJXmqfNlEvliIAEW_eTC0laefqUUCwD2vnhWNWi8w_ZU_7OhIj5g7gYRxasctYCKglMRsRaVDy1QU4WqznHLRLOnZQC0A0cvbCQyGJSlVYgaXyB0NGsyY0LIZhuZPa9ewnaUScF8FzOUfyIuHn6SAfamK7qT4jallhsK2N0Xgc-qlw8OC0v7UGMTcECHwP565fbRzyrgmQW5CHtKCcv0BjGh6GfBjSeRIqjQvXNclgIF-cZ4QcYeF8juMn-yNxYrd6BNMeRKTTFiuuUQ3XQrIujPu99IXyrwz9je63LCJ4K73khib62RE93_96eIw3umACwzW-ZA2ZEOngyV19bGjut84cGNDDnPxDzUV1drx_eU3vFjmXj9CWrIfZPVRYtN34z4l49xz9lWRnxy47x0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSs0GVIASZOC5D8fkx_APlvy9uAPJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMByAMCqgSIAk_QHBV5yLa5wqDyMfm-ZjscAXbIm4kbUI_y-WZgy6gFcX4DN25SyJbeFTwEot0Tnria8TolQmj5VR6GJCTAuiDaoKM57HkkYD1V7jTnyccn1YMDl14NsWJK3MnwG4l3F2FEBzzrMGYELG11vu6vwsyOWsvXO4O_sKyHEzU67JVZrEJWrn1SCXpKKxiAjE-ngin4F8JagL86ko9s24O7RyLXUieRa2zvps0y0jm4qBEwGR6hUzY9UN40sxiwVE7e5vJg2FP0SqMYl6YaBeRn5McFq9TEa58HZIaXk7yWQlbQ3aKz-zDqmq9yc3Loo4uk_cxAt-GB-pC8Gm0qpO5JeO_cfuhlqDr_-eAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DFsJ9t4HclcN4W-y9GcYVadmMkw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 05 Feb 2020 10:30:18 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e3a993a-e7e4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Mar 2024 02:35:00 GMT
bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame C441 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVAAD3OAIEfJHAA9-Fl13UQfuy8fbJs0VWg&u=%7CrBqHi6DA9DlhYDPnWGXsCORbq2qKSqNY3Pch%2F0Ow9jE%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5akJaCqlgW0l1Z8nIARLKiu92QefvKI7HuQ4HHw_rT1jfSENlurgkp1YrCeutHG4sfADuBXC9QTGKhsCgAUwiAzn8mIekejftBO8JQqyu7I3cuENusM8YmpDWFTDNLAhFXkubc8IQuq-xtpTQCX-IMzhed1aKACCWKmxbJXmqfNlEvliIAEW_eTC0laefqUUCwD2vnhWNWi8w_ZU_7OhIj5g7gYRxasctYCKglMRsRaVDy1QU4WqznHLRLOnZQC0A0cvbCQyGJSlVYgaXyB0NGsyY0LIZhuZPa9ewnaUScF8FzOUfyIuHn6SAfamK7qT4jallhsK2N0Xgc-qlw8OC0v7UGMTcECHwP565fbRzyrgmQW5CHtKCcv0BjGh6GfBjSeRIqjQvXNclgIF-cZ4QcYeF8juMn-yNxYrd6BNMeRKTTFiuuUQ3XQrIujPu99IXyrwz9je63LCJ4K73khib62RE93_96eIw3umACwzW-ZA2ZEOngyV19bGjut84cGNDDnPxDzUV1drx_eU3vFjmXj9CWrIfZPVRYtN34z4l49xz9lWRnxy47x0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSs0GVIASZOC5D8fkx_APlvy9uAPJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMByAMCqgSIAk_QHBV5yLa5wqDyMfm-ZjscAXbIm4kbUI_y-WZgy6gFcX4DN25SyJbeFTwEot0Tnria8TolQmj5VR6GJCTAuiDaoKM57HkkYD1V7jTnyccn1YMDl14NsWJK3MnwG4l3F2FEBzzrMGYELG11vu6vwsyOWsvXO4O_sKyHEzU67JVZrEJWrn1SCXpKKxiAjE-ngin4F8JagL86ko9s24O7RyLXUieRa2zvps0y0jm4qBEwGR6hUzY9UN40sxiwVE7e5vJg2FP0SqMYl6YaBeRn5McFq9TEa58HZIaXk7yWQlbQ3aKz-zDqmq9yc3Loo4uk_cxAt-GB-pC8Gm0qpO5JeO_cfuhlqDr_-eAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DFsJ9t4HclcN4W-y9GcYVadmMkw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 05 Feb 2020 10:30:18 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e3a993a-de74"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Mar 2024 02:35:00 GMT
img
pix.eu.criteo.net/img/ Frame C441 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=496&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F200316%2Fc7db8369314c442a8dd94287a8ff8fb8_square.png&v=3&w=356&s=_YNTJvzvcO4UEwGGmdBc2Nz6
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVAAD3OAIEfJHAA9-Fl13UQfuy8fbJs0VWg&u=%7CrBqHi6DA9DlhYDPnWGXsCORbq2qKSqNY3Pch%2F0Ow9jE%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5akJaCqlgW0l1Z8nIARLKiu92QefvKI7HuQ4HHw_rT1jfSENlurgkp1YrCeutHG4sfADuBXC9QTGKhsCgAUwiAzn8mIekejftBO8JQqyu7I3cuENusM8YmpDWFTDNLAhFXkubc8IQuq-xtpTQCX-IMzhed1aKACCWKmxbJXmqfNlEvliIAEW_eTC0laefqUUCwD2vnhWNWi8w_ZU_7OhIj5g7gYRxasctYCKglMRsRaVDy1QU4WqznHLRLOnZQC0A0cvbCQyGJSlVYgaXyB0NGsyY0LIZhuZPa9ewnaUScF8FzOUfyIuHn6SAfamK7qT4jallhsK2N0Xgc-qlw8OC0v7UGMTcECHwP565fbRzyrgmQW5CHtKCcv0BjGh6GfBjSeRIqjQvXNclgIF-cZ4QcYeF8juMn-yNxYrd6BNMeRKTTFiuuUQ3XQrIujPu99IXyrwz9je63LCJ4K73khib62RE93_96eIw3umACwzW-ZA2ZEOngyV19bGjut84cGNDDnPxDzUV1drx_eU3vFjmXj9CWrIfZPVRYtN34z4l49xz9lWRnxy47x0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSs0GVIASZOC5D8fkx_APlvy9uAPJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMByAMCqgSIAk_QHBV5yLa5wqDyMfm-ZjscAXbIm4kbUI_y-WZgy6gFcX4DN25SyJbeFTwEot0Tnria8TolQmj5VR6GJCTAuiDaoKM57HkkYD1V7jTnyccn1YMDl14NsWJK3MnwG4l3F2FEBzzrMGYELG11vu6vwsyOWsvXO4O_sKyHEzU67JVZrEJWrn1SCXpKKxiAjE-ngin4F8JagL86ko9s24O7RyLXUieRa2zvps0y0jm4qBEwGR6hUzY9UN40sxiwVE7e5vJg2FP0SqMYl6YaBeRn5McFq9TEa58HZIaXk7yWQlbQ3aKz-zDqmq9yc3Loo4uk_cxAt-GB-pC8Gm0qpO5JeO_cfuhlqDr_-eAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DFsJ9t4HclcN4W-y9GcYVadmMkw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
a6a2bbb25e35a3caadefa56c84d28b9ef2b2a4bd2c69b6d745a0a77e78a0806c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:59 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28623688
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24954
expires
Sat, 10 Feb 2024 09:36:29 GMT
img
pix.eu.criteo.net/img/ Frame C441 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F0d37489e-2e2c-4c85-b980-4ef75b6ad078_1a37162f-3393-4117-9434-01579750c358.jpg%2F1280x960.jpg&v=3&w=400&s=zS_uPWE6w5KtLWmmLdVV-_V8&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVAAD3OAIEfJHAA9-Fl13UQfuy8fbJs0VWg&u=%7CrBqHi6DA9DlhYDPnWGXsCORbq2qKSqNY3Pch%2F0Ow9jE%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5akJaCqlgW0l1Z8nIARLKiu92QefvKI7HuQ4HHw_rT1jfSENlurgkp1YrCeutHG4sfADuBXC9QTGKhsCgAUwiAzn8mIekejftBO8JQqyu7I3cuENusM8YmpDWFTDNLAhFXkubc8IQuq-xtpTQCX-IMzhed1aKACCWKmxbJXmqfNlEvliIAEW_eTC0laefqUUCwD2vnhWNWi8w_ZU_7OhIj5g7gYRxasctYCKglMRsRaVDy1QU4WqznHLRLOnZQC0A0cvbCQyGJSlVYgaXyB0NGsyY0LIZhuZPa9ewnaUScF8FzOUfyIuHn6SAfamK7qT4jallhsK2N0Xgc-qlw8OC0v7UGMTcECHwP565fbRzyrgmQW5CHtKCcv0BjGh6GfBjSeRIqjQvXNclgIF-cZ4QcYeF8juMn-yNxYrd6BNMeRKTTFiuuUQ3XQrIujPu99IXyrwz9je63LCJ4K73khib62RE93_96eIw3umACwzW-ZA2ZEOngyV19bGjut84cGNDDnPxDzUV1drx_eU3vFjmXj9CWrIfZPVRYtN34z4l49xz9lWRnxy47x0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSs0GVIASZOC5D8fkx_APlvy9uAPJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMByAMCqgSIAk_QHBV5yLa5wqDyMfm-ZjscAXbIm4kbUI_y-WZgy6gFcX4DN25SyJbeFTwEot0Tnria8TolQmj5VR6GJCTAuiDaoKM57HkkYD1V7jTnyccn1YMDl14NsWJK3MnwG4l3F2FEBzzrMGYELG11vu6vwsyOWsvXO4O_sKyHEzU67JVZrEJWrn1SCXpKKxiAjE-ngin4F8JagL86ko9s24O7RyLXUieRa2zvps0y0jm4qBEwGR6hUzY9UN40sxiwVE7e5vJg2FP0SqMYl6YaBeRn5McFq9TEa58HZIaXk7yWQlbQ3aKz-zDqmq9yc3Loo4uk_cxAt-GB-pC8Gm0qpO5JeO_cfuhlqDr_-eAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DFsJ9t4HclcN4W-y9GcYVadmMkw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
b1940fa752525b29f1c1f709644e86ac309221bf851fd91bae1400650ad2653a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=540067
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23394
expires
Wed, 22 Mar 2023 08:36:07 GMT
img
pix.eu.criteo.net/img/ Frame C441 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F83d32fcc-3557-478b-91e7-b29c5ddd5970_a126c953-90d7-4ab5-ab7e-21473d328ec8.jpg%2F1280x960.jpg&v=3&w=400&s=Kck8HLpazJ3tCFT5Qzgihonr&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVAAD3OAIEfJHAA9-Fl13UQfuy8fbJs0VWg&u=%7CrBqHi6DA9DlhYDPnWGXsCORbq2qKSqNY3Pch%2F0Ow9jE%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5akJaCqlgW0l1Z8nIARLKiu92QefvKI7HuQ4HHw_rT1jfSENlurgkp1YrCeutHG4sfADuBXC9QTGKhsCgAUwiAzn8mIekejftBO8JQqyu7I3cuENusM8YmpDWFTDNLAhFXkubc8IQuq-xtpTQCX-IMzhed1aKACCWKmxbJXmqfNlEvliIAEW_eTC0laefqUUCwD2vnhWNWi8w_ZU_7OhIj5g7gYRxasctYCKglMRsRaVDy1QU4WqznHLRLOnZQC0A0cvbCQyGJSlVYgaXyB0NGsyY0LIZhuZPa9ewnaUScF8FzOUfyIuHn6SAfamK7qT4jallhsK2N0Xgc-qlw8OC0v7UGMTcECHwP565fbRzyrgmQW5CHtKCcv0BjGh6GfBjSeRIqjQvXNclgIF-cZ4QcYeF8juMn-yNxYrd6BNMeRKTTFiuuUQ3XQrIujPu99IXyrwz9je63LCJ4K73khib62RE93_96eIw3umACwzW-ZA2ZEOngyV19bGjut84cGNDDnPxDzUV1drx_eU3vFjmXj9CWrIfZPVRYtN34z4l49xz9lWRnxy47x0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSs0GVIASZOC5D8fkx_APlvy9uAPJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMByAMCqgSIAk_QHBV5yLa5wqDyMfm-ZjscAXbIm4kbUI_y-WZgy6gFcX4DN25SyJbeFTwEot0Tnria8TolQmj5VR6GJCTAuiDaoKM57HkkYD1V7jTnyccn1YMDl14NsWJK3MnwG4l3F2FEBzzrMGYELG11vu6vwsyOWsvXO4O_sKyHEzU67JVZrEJWrn1SCXpKKxiAjE-ngin4F8JagL86ko9s24O7RyLXUieRa2zvps0y0jm4qBEwGR6hUzY9UN40sxiwVE7e5vJg2FP0SqMYl6YaBeRn5McFq9TEa58HZIaXk7yWQlbQ3aKz-zDqmq9yc3Loo4uk_cxAt-GB-pC8Gm0qpO5JeO_cfuhlqDr_-eAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DFsJ9t4HclcN4W-y9GcYVadmMkw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
2c7c9de844651cf98bef2eddd7dbdd5655297e226a2e1c43d2db4750eb4d3166
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=539983
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
39002
expires
Wed, 22 Mar 2023 08:34:44 GMT
img
pix.eu.criteo.net/img/ Frame C441 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F3b100d53-451e-48f3-a766-f09a4df351dc_ea9a9ae9-4b4f-433c-ae40-409e2ac5819f.jpg%2F1280x960.jpg&v=3&w=400&s=3o-XjctVwcdgY88pTNXhXF7o&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVAAD3OAIEfJHAA9-Fl13UQfuy8fbJs0VWg&u=%7CrBqHi6DA9DlhYDPnWGXsCORbq2qKSqNY3Pch%2F0Ow9jE%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5akJaCqlgW0l1Z8nIARLKiu92QefvKI7HuQ4HHw_rT1jfSENlurgkp1YrCeutHG4sfADuBXC9QTGKhsCgAUwiAzn8mIekejftBO8JQqyu7I3cuENusM8YmpDWFTDNLAhFXkubc8IQuq-xtpTQCX-IMzhed1aKACCWKmxbJXmqfNlEvliIAEW_eTC0laefqUUCwD2vnhWNWi8w_ZU_7OhIj5g7gYRxasctYCKglMRsRaVDy1QU4WqznHLRLOnZQC0A0cvbCQyGJSlVYgaXyB0NGsyY0LIZhuZPa9ewnaUScF8FzOUfyIuHn6SAfamK7qT4jallhsK2N0Xgc-qlw8OC0v7UGMTcECHwP565fbRzyrgmQW5CHtKCcv0BjGh6GfBjSeRIqjQvXNclgIF-cZ4QcYeF8juMn-yNxYrd6BNMeRKTTFiuuUQ3XQrIujPu99IXyrwz9je63LCJ4K73khib62RE93_96eIw3umACwzW-ZA2ZEOngyV19bGjut84cGNDDnPxDzUV1drx_eU3vFjmXj9CWrIfZPVRYtN34z4l49xz9lWRnxy47x0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSs0GVIASZOC5D8fkx_APlvy9uAPJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMByAMCqgSIAk_QHBV5yLa5wqDyMfm-ZjscAXbIm4kbUI_y-WZgy6gFcX4DN25SyJbeFTwEot0Tnria8TolQmj5VR6GJCTAuiDaoKM57HkkYD1V7jTnyccn1YMDl14NsWJK3MnwG4l3F2FEBzzrMGYELG11vu6vwsyOWsvXO4O_sKyHEzU67JVZrEJWrn1SCXpKKxiAjE-ngin4F8JagL86ko9s24O7RyLXUieRa2zvps0y0jm4qBEwGR6hUzY9UN40sxiwVE7e5vJg2FP0SqMYl6YaBeRn5McFq9TEa58HZIaXk7yWQlbQ3aKz-zDqmq9yc3Loo4uk_cxAt-GB-pC8Gm0qpO5JeO_cfuhlqDr_-eAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DFsJ9t4HclcN4W-y9GcYVadmMkw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
9c76b3793e27d16ff6f28246b56c13f12afd0fe4d82d86fb76c94bf0b6065634
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=541259
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17762
expires
Wed, 22 Mar 2023 08:56:00 GMT
img
pix.eu.criteo.net/img/ Frame C441 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F5a992c0c-56d6-4b3b-b9c6-1452fa637a5e_ae09bf90-cf19-4e7c-b1dd-fbe1bcb63897.jpg%2F1280x960.jpg&v=3&w=400&s=Dv6rZRkG1x9XrNT4UowhujhW&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVAAD3OAIEfJHAA9-Fl13UQfuy8fbJs0VWg&u=%7CrBqHi6DA9DlhYDPnWGXsCORbq2qKSqNY3Pch%2F0Ow9jE%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5akJaCqlgW0l1Z8nIARLKiu92QefvKI7HuQ4HHw_rT1jfSENlurgkp1YrCeutHG4sfADuBXC9QTGKhsCgAUwiAzn8mIekejftBO8JQqyu7I3cuENusM8YmpDWFTDNLAhFXkubc8IQuq-xtpTQCX-IMzhed1aKACCWKmxbJXmqfNlEvliIAEW_eTC0laefqUUCwD2vnhWNWi8w_ZU_7OhIj5g7gYRxasctYCKglMRsRaVDy1QU4WqznHLRLOnZQC0A0cvbCQyGJSlVYgaXyB0NGsyY0LIZhuZPa9ewnaUScF8FzOUfyIuHn6SAfamK7qT4jallhsK2N0Xgc-qlw8OC0v7UGMTcECHwP565fbRzyrgmQW5CHtKCcv0BjGh6GfBjSeRIqjQvXNclgIF-cZ4QcYeF8juMn-yNxYrd6BNMeRKTTFiuuUQ3XQrIujPu99IXyrwz9je63LCJ4K73khib62RE93_96eIw3umACwzW-ZA2ZEOngyV19bGjut84cGNDDnPxDzUV1drx_eU3vFjmXj9CWrIfZPVRYtN34z4l49xz9lWRnxy47x0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSs0GVIASZOC5D8fkx_APlvy9uAPJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMByAMCqgSIAk_QHBV5yLa5wqDyMfm-ZjscAXbIm4kbUI_y-WZgy6gFcX4DN25SyJbeFTwEot0Tnria8TolQmj5VR6GJCTAuiDaoKM57HkkYD1V7jTnyccn1YMDl14NsWJK3MnwG4l3F2FEBzzrMGYELG11vu6vwsyOWsvXO4O_sKyHEzU67JVZrEJWrn1SCXpKKxiAjE-ngin4F8JagL86ko9s24O7RyLXUieRa2zvps0y0jm4qBEwGR6hUzY9UN40sxiwVE7e5vJg2FP0SqMYl6YaBeRn5McFq9TEa58HZIaXk7yWQlbQ3aKz-zDqmq9yc3Loo4uk_cxAt-GB-pC8Gm0qpO5JeO_cfuhlqDr_-eAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DFsJ9t4HclcN4W-y9GcYVadmMkw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
c2f0f360264e24fa97330d99cb63e4ec313fbcf66727a2626ad94688ad0110fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=540043
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
36412
expires
Wed, 22 Mar 2023 08:35:43 GMT
img
pix.eu.criteo.net/img/ Frame C441 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fc67efc99-4c6e-4111-9cd3-cdd78742c13c_c1a8c2c7-fde9-48b5-94a0-d74b7929d25f.jpg%2F1280x960.jpg&v=3&w=400&s=alQll0vEgbyskhyhT1hUBa3d&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVAAD3OAIEfJHAA9-Fl13UQfuy8fbJs0VWg&u=%7CrBqHi6DA9DlhYDPnWGXsCORbq2qKSqNY3Pch%2F0Ow9jE%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5akJaCqlgW0l1Z8nIARLKiu92QefvKI7HuQ4HHw_rT1jfSENlurgkp1YrCeutHG4sfADuBXC9QTGKhsCgAUwiAzn8mIekejftBO8JQqyu7I3cuENusM8YmpDWFTDNLAhFXkubc8IQuq-xtpTQCX-IMzhed1aKACCWKmxbJXmqfNlEvliIAEW_eTC0laefqUUCwD2vnhWNWi8w_ZU_7OhIj5g7gYRxasctYCKglMRsRaVDy1QU4WqznHLRLOnZQC0A0cvbCQyGJSlVYgaXyB0NGsyY0LIZhuZPa9ewnaUScF8FzOUfyIuHn6SAfamK7qT4jallhsK2N0Xgc-qlw8OC0v7UGMTcECHwP565fbRzyrgmQW5CHtKCcv0BjGh6GfBjSeRIqjQvXNclgIF-cZ4QcYeF8juMn-yNxYrd6BNMeRKTTFiuuUQ3XQrIujPu99IXyrwz9je63LCJ4K73khib62RE93_96eIw3umACwzW-ZA2ZEOngyV19bGjut84cGNDDnPxDzUV1drx_eU3vFjmXj9CWrIfZPVRYtN34z4l49xz9lWRnxy47x0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSs0GVIASZOC5D8fkx_APlvy9uAPJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMByAMCqgSIAk_QHBV5yLa5wqDyMfm-ZjscAXbIm4kbUI_y-WZgy6gFcX4DN25SyJbeFTwEot0Tnria8TolQmj5VR6GJCTAuiDaoKM57HkkYD1V7jTnyccn1YMDl14NsWJK3MnwG4l3F2FEBzzrMGYELG11vu6vwsyOWsvXO4O_sKyHEzU67JVZrEJWrn1SCXpKKxiAjE-ngin4F8JagL86ko9s24O7RyLXUieRa2zvps0y0jm4qBEwGR6hUzY9UN40sxiwVE7e5vJg2FP0SqMYl6YaBeRn5McFq9TEa58HZIaXk7yWQlbQ3aKz-zDqmq9yc3Loo4uk_cxAt-GB-pC8Gm0qpO5JeO_cfuhlqDr_-eAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DFsJ9t4HclcN4W-y9GcYVadmMkw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
b7aad2d168e74941373b0e6e18c7d95ed205dfdd5421d729212459e148b3514f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=708204
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13364
expires
Fri, 24 Mar 2023 07:18:25 GMT
img
pix.eu.criteo.net/img/ Frame C441 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fc28c0c96-ac26-4540-8fcf-bb1f497eb406_252e7c39-21ac-4f71-a287-f7edeb7c163a.jpg%2F1280x960.jpg&v=3&w=400&s=iR1MPzlasMmPYEwZY27G20v5&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVAAD3OAIEfJHAA9-Fl13UQfuy8fbJs0VWg&u=%7CrBqHi6DA9DlhYDPnWGXsCORbq2qKSqNY3Pch%2F0Ow9jE%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5akJaCqlgW0l1Z8nIARLKiu92QefvKI7HuQ4HHw_rT1jfSENlurgkp1YrCeutHG4sfADuBXC9QTGKhsCgAUwiAzn8mIekejftBO8JQqyu7I3cuENusM8YmpDWFTDNLAhFXkubc8IQuq-xtpTQCX-IMzhed1aKACCWKmxbJXmqfNlEvliIAEW_eTC0laefqUUCwD2vnhWNWi8w_ZU_7OhIj5g7gYRxasctYCKglMRsRaVDy1QU4WqznHLRLOnZQC0A0cvbCQyGJSlVYgaXyB0NGsyY0LIZhuZPa9ewnaUScF8FzOUfyIuHn6SAfamK7qT4jallhsK2N0Xgc-qlw8OC0v7UGMTcECHwP565fbRzyrgmQW5CHtKCcv0BjGh6GfBjSeRIqjQvXNclgIF-cZ4QcYeF8juMn-yNxYrd6BNMeRKTTFiuuUQ3XQrIujPu99IXyrwz9je63LCJ4K73khib62RE93_96eIw3umACwzW-ZA2ZEOngyV19bGjut84cGNDDnPxDzUV1drx_eU3vFjmXj9CWrIfZPVRYtN34z4l49xz9lWRnxy47x0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSs0GVIASZOC5D8fkx_APlvy9uAPJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMByAMCqgSIAk_QHBV5yLa5wqDyMfm-ZjscAXbIm4kbUI_y-WZgy6gFcX4DN25SyJbeFTwEot0Tnria8TolQmj5VR6GJCTAuiDaoKM57HkkYD1V7jTnyccn1YMDl14NsWJK3MnwG4l3F2FEBzzrMGYELG11vu6vwsyOWsvXO4O_sKyHEzU67JVZrEJWrn1SCXpKKxiAjE-ngin4F8JagL86ko9s24O7RyLXUieRa2zvps0y0jm4qBEwGR6hUzY9UN40sxiwVE7e5vJg2FP0SqMYl6YaBeRn5McFq9TEa58HZIaXk7yWQlbQ3aKz-zDqmq9yc3Loo4uk_cxAt-GB-pC8Gm0qpO5JeO_cfuhlqDr_-eAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DFsJ9t4HclcN4W-y9GcYVadmMkw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
aa3a0e111bb06caa53324a3d992b432fadfcb6ece52b9615c7e2800107f00550
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=544379
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
25594
expires
Wed, 22 Mar 2023 09:48:00 GMT
img
pix.eu.criteo.net/img/ Frame C441 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F220429%2F6a0067bf4afe49a0a7c182dac5a60db1_img_square_1.png&v=3&w=1200&s=LCf7rix-_tcdCgtoDKSCgzeJ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVAAD3OAIEfJHAA9-Fl13UQfuy8fbJs0VWg&u=%7CrBqHi6DA9DlhYDPnWGXsCORbq2qKSqNY3Pch%2F0Ow9jE%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5akJaCqlgW0l1Z8nIARLKiu92QefvKI7HuQ4HHw_rT1jfSENlurgkp1YrCeutHG4sfADuBXC9QTGKhsCgAUwiAzn8mIekejftBO8JQqyu7I3cuENusM8YmpDWFTDNLAhFXkubc8IQuq-xtpTQCX-IMzhed1aKACCWKmxbJXmqfNlEvliIAEW_eTC0laefqUUCwD2vnhWNWi8w_ZU_7OhIj5g7gYRxasctYCKglMRsRaVDy1QU4WqznHLRLOnZQC0A0cvbCQyGJSlVYgaXyB0NGsyY0LIZhuZPa9ewnaUScF8FzOUfyIuHn6SAfamK7qT4jallhsK2N0Xgc-qlw8OC0v7UGMTcECHwP565fbRzyrgmQW5CHtKCcv0BjGh6GfBjSeRIqjQvXNclgIF-cZ4QcYeF8juMn-yNxYrd6BNMeRKTTFiuuUQ3XQrIujPu99IXyrwz9je63LCJ4K73khib62RE93_96eIw3umACwzW-ZA2ZEOngyV19bGjut84cGNDDnPxDzUV1drx_eU3vFjmXj9CWrIfZPVRYtN34z4l49xz9lWRnxy47x0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSs0GVIASZOC5D8fkx_APlvy9uAPJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMByAMCqgSIAk_QHBV5yLa5wqDyMfm-ZjscAXbIm4kbUI_y-WZgy6gFcX4DN25SyJbeFTwEot0Tnria8TolQmj5VR6GJCTAuiDaoKM57HkkYD1V7jTnyccn1YMDl14NsWJK3MnwG4l3F2FEBzzrMGYELG11vu6vwsyOWsvXO4O_sKyHEzU67JVZrEJWrn1SCXpKKxiAjE-ngin4F8JagL86ko9s24O7RyLXUieRa2zvps0y0jm4qBEwGR6hUzY9UN40sxiwVE7e5vJg2FP0SqMYl6YaBeRn5McFq9TEa58HZIaXk7yWQlbQ3aKz-zDqmq9yc3Loo4uk_cxAt-GB-pC8Gm0qpO5JeO_cfuhlqDr_-eAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DFsJ9t4HclcN4W-y9GcYVadmMkw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
053a545a2651da3eb3900d00bf4d2a71cd6963612e64bfac036ba55554b2672b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28623861
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
136144
expires
Sat, 10 Feb 2024 09:39:22 GMT
all
csm.eu.criteo.net/ Frame C441 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=J9FBMpbAYzd9tt7lR6TEB9ptd_mDnG5eBo7Kj_TZ0xtMc_0XOUn3g6b9QQ49F-L52ayWrQo6_6FEfqcStrtcbqjacjg-1Yko3cbleGm1ONmI80ykDRc_G10wVXAoQw-sFE38jQ2IPlJYmEIyPdKWAZSrgu4OVUF1UEvmF8Oa1UPqpbSJG3FqWvq_cNF6DxcsLQtPPeE5cFoud1z9RR2v3qssPZiHLFewKhyfIPuOjWI2gCvQAYr8PRCQlAo2QeUIPTgazw&sds=2&rev=85089&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVAAD3OAIEfJHAA9-Fl13UQfuy8fbJs0VWg&u=%7CrBqHi6DA9DlhYDPnWGXsCORbq2qKSqNY3Pch%2F0Ow9jE%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5akJaCqlgW0l1Z8nIARLKiu92QefvKI7HuQ4HHw_rT1jfSENlurgkp1YrCeutHG4sfADuBXC9QTGKhsCgAUwiAzn8mIekejftBO8JQqyu7I3cuENusM8YmpDWFTDNLAhFXkubc8IQuq-xtpTQCX-IMzhed1aKACCWKmxbJXmqfNlEvliIAEW_eTC0laefqUUCwD2vnhWNWi8w_ZU_7OhIj5g7gYRxasctYCKglMRsRaVDy1QU4WqznHLRLOnZQC0A0cvbCQyGJSlVYgaXyB0NGsyY0LIZhuZPa9ewnaUScF8FzOUfyIuHn6SAfamK7qT4jallhsK2N0Xgc-qlw8OC0v7UGMTcECHwP565fbRzyrgmQW5CHtKCcv0BjGh6GfBjSeRIqjQvXNclgIF-cZ4QcYeF8juMn-yNxYrd6BNMeRKTTFiuuUQ3XQrIujPu99IXyrwz9je63LCJ4K73khib62RE93_96eIw3umACwzW-ZA2ZEOngyV19bGjut84cGNDDnPxDzUV1drx_eU3vFjmXj9CWrIfZPVRYtN34z4l49xz9lWRnxy47x0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSs0GVIASZOC5D8fkx_APlvy9uAPJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMByAMCqgSIAk_QHBV5yLa5wqDyMfm-ZjscAXbIm4kbUI_y-WZgy6gFcX4DN25SyJbeFTwEot0Tnria8TolQmj5VR6GJCTAuiDaoKM57HkkYD1V7jTnyccn1YMDl14NsWJK3MnwG4l3F2FEBzzrMGYELG11vu6vwsyOWsvXO4O_sKyHEzU67JVZrEJWrn1SCXpKKxiAjE-ngin4F8JagL86ko9s24O7RyLXUieRa2zvps0y0jm4qBEwGR6hUzY9UN40sxiwVE7e5vJg2FP0SqMYl6YaBeRn5McFq9TEa58HZIaXk7yWQlbQ3aKz-zDqmq9yc3Loo4uk_cxAt-GB-pC8Gm0qpO5JeO_cfuhlqDr_-eAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DFsJ9t4HclcN4W-y9GcYVadmMkw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 16 Mar 2023 02:35:00 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C441 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVAAD3OAIEfJHAA9-Fl13UQfuy8fbJs0VWg&u=%7CrBqHi6DA9DlhYDPnWGXsCORbq2qKSqNY3Pch%2F0Ow9jE%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5akJaCqlgW0l1Z8nIARLKiu92QefvKI7HuQ4HHw_rT1jfSENlurgkp1YrCeutHG4sfADuBXC9QTGKhsCgAUwiAzn8mIekejftBO8JQqyu7I3cuENusM8YmpDWFTDNLAhFXkubc8IQuq-xtpTQCX-IMzhed1aKACCWKmxbJXmqfNlEvliIAEW_eTC0laefqUUCwD2vnhWNWi8w_ZU_7OhIj5g7gYRxasctYCKglMRsRaVDy1QU4WqznHLRLOnZQC0A0cvbCQyGJSlVYgaXyB0NGsyY0LIZhuZPa9ewnaUScF8FzOUfyIuHn6SAfamK7qT4jallhsK2N0Xgc-qlw8OC0v7UGMTcECHwP565fbRzyrgmQW5CHtKCcv0BjGh6GfBjSeRIqjQvXNclgIF-cZ4QcYeF8juMn-yNxYrd6BNMeRKTTFiuuUQ3XQrIujPu99IXyrwz9je63LCJ4K73khib62RE93_96eIw3umACwzW-ZA2ZEOngyV19bGjut84cGNDDnPxDzUV1drx_eU3vFjmXj9CWrIfZPVRYtN34z4l49xz9lWRnxy47x0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSs0GVIASZOC5D8fkx_APlvy9uAPJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMByAMCqgSIAk_QHBV5yLa5wqDyMfm-ZjscAXbIm4kbUI_y-WZgy6gFcX4DN25SyJbeFTwEot0Tnria8TolQmj5VR6GJCTAuiDaoKM57HkkYD1V7jTnyccn1YMDl14NsWJK3MnwG4l3F2FEBzzrMGYELG11vu6vwsyOWsvXO4O_sKyHEzU67JVZrEJWrn1SCXpKKxiAjE-ngin4F8JagL86ko9s24O7RyLXUieRa2zvps0y0jm4qBEwGR6hUzY9UN40sxiwVE7e5vJg2FP0SqMYl6YaBeRn5McFq9TEa58HZIaXk7yWQlbQ3aKz-zDqmq9yc3Loo4uk_cxAt-GB-pC8Gm0qpO5JeO_cfuhlqDr_-eAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DFsJ9t4HclcN4W-y9GcYVadmMkw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Mar 2024 02:35:00 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C441 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVAAD3OAIEfJHAA9-Fl13UQfuy8fbJs0VWg&u=%7CrBqHi6DA9DlhYDPnWGXsCORbq2qKSqNY3Pch%2F0Ow9jE%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5akJaCqlgW0l1Z8nIARLKiu92QefvKI7HuQ4HHw_rT1jfSENlurgkp1YrCeutHG4sfADuBXC9QTGKhsCgAUwiAzn8mIekejftBO8JQqyu7I3cuENusM8YmpDWFTDNLAhFXkubc8IQuq-xtpTQCX-IMzhed1aKACCWKmxbJXmqfNlEvliIAEW_eTC0laefqUUCwD2vnhWNWi8w_ZU_7OhIj5g7gYRxasctYCKglMRsRaVDy1QU4WqznHLRLOnZQC0A0cvbCQyGJSlVYgaXyB0NGsyY0LIZhuZPa9ewnaUScF8FzOUfyIuHn6SAfamK7qT4jallhsK2N0Xgc-qlw8OC0v7UGMTcECHwP565fbRzyrgmQW5CHtKCcv0BjGh6GfBjSeRIqjQvXNclgIF-cZ4QcYeF8juMn-yNxYrd6BNMeRKTTFiuuUQ3XQrIujPu99IXyrwz9je63LCJ4K73khib62RE93_96eIw3umACwzW-ZA2ZEOngyV19bGjut84cGNDDnPxDzUV1drx_eU3vFjmXj9CWrIfZPVRYtN34z4l49xz9lWRnxy47x0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSs0GVIASZOC5D8fkx_APlvy9uAPJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMByAMCqgSIAk_QHBV5yLa5wqDyMfm-ZjscAXbIm4kbUI_y-WZgy6gFcX4DN25SyJbeFTwEot0Tnria8TolQmj5VR6GJCTAuiDaoKM57HkkYD1V7jTnyccn1YMDl14NsWJK3MnwG4l3F2FEBzzrMGYELG11vu6vwsyOWsvXO4O_sKyHEzU67JVZrEJWrn1SCXpKKxiAjE-ngin4F8JagL86ko9s24O7RyLXUieRa2zvps0y0jm4qBEwGR6hUzY9UN40sxiwVE7e5vJg2FP0SqMYl6YaBeRn5McFq9TEa58HZIaXk7yWQlbQ3aKz-zDqmq9yc3Loo4uk_cxAt-GB-pC8Gm0qpO5JeO_cfuhlqDr_-eAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DFsJ9t4HclcN4W-y9GcYVadmMkw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Mar 2024 02:35:00 GMT
container.html
3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4A19 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://istoe.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:34:59 GMT
expires
Fri, 15 Mar 2024 02:34:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 5965 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CWyfVVIASZN6uItfkx_AP1u6-uAKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEgQJP0Ofdx4q8XBq5tJOnYvu7qF4_hkJEYKHfiPk5yQCVoNOY0YQZ2LZjk40MIoTZW9QcTgN0lVJ9Ynl5UEPEc8XPl2UN-kn0mKkHINdiG61ZFCuNEx2TOP1XL5GgmfM3AS0lylUlDYxLRkucklXuc2NzalwG7LpHqXx5pFmFaZqdYI9S1cVvc7mPRwQ41wTg0FGr2uXVxzmv4DMtwChOeM9Giq3IwajQ8jLOZ49Lcr1LxmwMwupkQDv6tx5d0lQK2B3TPScSJyyeIc-8bV6uv6G4JzDJ1Ckdl2YV23wya0TEU-WEHYoFV4yLgK7820XX-3RXOjIMPICFFMhloGv4E-aa8-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDY2Mzc1MzQ2Nzk5OTU5NBiHsA4&sigh=Q1rl1JNXXvM&uach_m=[UACH]&cid=CAQSOwDUE5ym4KNG9Ia7vc-xWDYI6txPV1iEnf6mi5BSAOiFW_c6zwiVzosonVX0_eTzmdAOjsopTAUqB_5YGAE
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 5965 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gnycj5q05khf6mefcsc9t172ne7m5bwm168d39v282ybvx1j1a8tt7f7yghfrw63kjah3srq4gfz6hz3tted0hqbg6mmjxg9jzk050jqm2zqjqsft7gmztz01vvms6rc0e3adw5n2jfddf23qaee8pfdncn6dakh8bwd6h5npey7smc1qj7cdtwn57236nzy4wvt0qt7wpx044naafdtkd7p1asnansgan34bh8dv8ws5gpb6a2vvjbf9mf004m5r74yhdp8t92jtw2sq7m319kd5mbpjdqake6a2tqpw13drrk243j6jxqtxkarbkw8x54r1twnja4arwd6ng7xh4cxqq8xpv3b3avf2ntrzkcdz9bdjw1dgsnhthgz9q60g76epmv1sp6320&b=ZBKAVAAIl14IEfJXAA-3VumUv1AKNqClyIiprA
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Mar 2023 02:35:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame D7D9 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1ge6p0phj9812vb6rgfs87gz9fkff76m5dtcwvpawzenp68vcacfebk2jhvhd4s10kzwgx2q0es2qks9m3rfp25t4gxq493nrwmydbrk1d93rb8mdf7w37y3edtgsfzk86tejkzq80q2gkmw7f7phks39k2zhjj1e057dg24m9q012aapmzjzhp6ar6xpv5saxns760c3ybkweh4cejxtxqe95ncw6t083byyezqqrk86yp5pak9sqdvhtqemfpgwabh37c803gq3kqpy5qfwd85xyhhe0v9zdb5tsffwarvabr5thxkjkfznrc0t9mns9gdkdc68t4xcdbn5djm7j5p88e618y11d7ww3z2p57ye399vph0w6c3dvx1g2hrmrhpa2fe95pk6ghjk9jyq6dh5j9j7ypsrbgwaqrfdv0skg0b9j9a9t5kaehy0br0nc1g5mh3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqRdFVIASZN6uItfkx_AP1u6-uAKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEhAJP0Ofdx4q8XBq5tJOnYvu7qF4_hkJEYKHfiPk5yQCVoNOY0YQZ2LZjk40MIoTZW9QcTgN0lVJ9Ynl5UEPEc8XPl2UN-kn0mKkHINdiG61ZFCuNEx2TOP1XL5GgmfM3AS0lylUlDYxLRkucklXuc2NzalwG7LpHqXx5pFmFaZqdYI9S1cVvc7mPRwQ41wTg0FGr2uXVxzmv4DMtwChOeM9Giq3IwajQ8jLOZ49Lcr1LxmwMwupkQDv6tx5d0lQK2B3TPScSJyyeIc-8bV6uv6G4JzDJ1Ckdl2YV23xwaWVWhBwDXUKCHxpRyTwO4lHdVn55Iu-M_skX7Fx7jHMtz3naO4hJs-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3v7_XTkID9SZOrn-HTnhR28xABcg%26client%3Dca-pub-4663753467999594%26adurl%3D
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb888f6df29d8510bf5c763e29473bbd7946d5b55dde846474b239e493a9a82d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a8999b35c713a6d-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:35:01 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 5965 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/window_focus_fy2021.js
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 22:31:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
14630
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Mar 2023 22:31:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 09AD 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51099
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Mar 2023 12:23:21 GMT
etag
48472445140208031
expires
Thu, 16 Mar 2023 12:23:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 5965 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9161954861bb1fd7d5044d99f9ce04137b3836979ce8c5c75d224642f57c3f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 18:10:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
30268
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8559
x-xss-protection
0
server
cafe
etag
11326455550778179109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Mar 2023 18:10:32 GMT
l
www.google.com/ads/measurement/ Frame 5965 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBZvdHZ-MSfaB8FF7J6ZrUOxXVl-1c8PZdb-5lFGnu80lC7YD8GQ2KAFyIY2YFEU7hKhqmdQ0wvrFVo2_fRsy6VJbuXg
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5965 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 10:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
575011
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 08 Mar 2024 10:51:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5965 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Mar 2023 02:35:00 GMT
container.html
3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 54AD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://istoe.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:34:59 GMT
expires
Fri, 15 Mar 2024 02:34:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023031301&jk=3102037318906712&bg=!urmlue3NAAZKh9k7aoc7ADkAdvg8WgnP2B2gTdqoMhENb8SD8Gjq9U0qprTejO2ButuhcsJntNNYsMpK6bJFd9YvbVkJFWzTy24CAAAAdFIAAAADaAEHmQKdK1TEw5ZY6GSs7lTeiFHtHlb1YWhuxpTZfXl9zTAG_og92FgJKZW94rxglhvW2wF6OeoR2ltG___FnAu53v_O-UbDDsaUBveYfuuKU5YbrWaYJpQiEgAl2xYjjhjbWOUMcoxf4jZDtVvfYuQ2xMtQSG6xqrOBwR5vmj8ee1lzU-BURpHn5aw9wvIlsqdgTV0oagdyw3guYdnIijBB__nPnTJGGF8mqrq24Ao7RZwH9aBf6oQhAOQev5ouPGCAiexUjPu7fHTNgyofHueP_bsFqXEIC_3i-dwGxL6GAvCcJPuh3R9rzq9MVtxyYPZDURCRMHdokhPULQiDQjAOdYuPEfiaJf7fuNx00MN8EvmTu_81Lnndf9X3hFeWVndyCP6KS_LoYKv4VdvS33P1RPjpuI15P-Q3v7eUzTRjMwOISJc_TS5wIDt2bcxwLzsNu3cbUs5W4igCno4mKyNo4PuQ8ksbqfknX0BxrXRiwf73Yz4qzZraVLQrKecNe_FQN-aMbTQNhoXhR9hZSJWTfcAfde80B_Mubw2SL28V0UuWPs0XnEjxUY_UWZOP4UM50c82I7b7ZBAnXb7zpYHjl9bleOl0lIrLq8nljb1LJsh-PcdIb-EXP7FveOmbEPeJGI_YYfA-jOYL-XpnYZlwFzkCnzZUGbgeb6TM4ktvrRAL20vhNz14VwpVwtY1vaxMCiEYoyMZJbWUof8QvN7pzvt9EazQdOrB4j3rNw6D6zZIkl5S68Rk8s_uCzxSrvbtA5W0DyJ9KdT71blaMf936B6xpD_FccSOPZ8mFG0kZc6Jk_UNrPIuqIiwETtyTvI3p9SpUBhAQLYAPiylPr7yMsl6amj1rcJBXKi1qHU6NGbIAN7-7fx6uqRvzxJqJKa5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
adunitMapping
webservices.webspectator.com/ Frame 00B3 		727 B
768 B 		Script
General
Check archive.org
Download Go to
Full URL
https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.192.67.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-67-210.compute-1.amazonaws.com
Software
WildFly/10 / Undertow/1
Resource Hash
4eb4d1d5bedb6805642bcdd713d83f53d23909bcb267fb84b2e48f8115e43019

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:01 GMT
Content-Encoding
gzip
Server
WildFly/10
X-Powered-By
Undertow/1
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
X-NoCache
true
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adunitMapping
webservices.webspectator.com/ Frame DE32 		727 B
768 B 		Script
General
Check archive.org
Download Go to
Full URL
https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.192.67.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-67-210.compute-1.amazonaws.com
Software
WildFly/10 / Undertow/1
Resource Hash
4eb4d1d5bedb6805642bcdd713d83f53d23909bcb267fb84b2e48f8115e43019

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:01 GMT
Content-Encoding
gzip
Server
WildFly/10
X-Powered-By
Undertow/1
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
X-NoCache
true
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adunitMapping
webservices.webspectator.com/ Frame DD01 		733 B
776 B 		Script
General
Check archive.org
Download Go to
Full URL
https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%22pos%22%3A%5B%222%22%5D%7D&w=728&h=90&wsRotSlot=&isda=1
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.192.67.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-67-210.compute-1.amazonaws.com
Software
WildFly/10 / Undertow/1
Resource Hash
5e07088d53a0fe6c0c369b0de23e504097a7a729bed293a44eadd882e3d34879

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:01 GMT
Content-Encoding
gzip
Server
WildFly/10
X-Powered-By
Undertow/1
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
X-NoCache
true
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adunitMapping
webservices.webspectator.com/ Frame F0D5 		735 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%22pos%22%3A%5B%22top%22%5D%7D&w=728&h=90&wsRotSlot=&isda=1
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.192.67.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-67-210.compute-1.amazonaws.com
Software
WildFly/10 / Undertow/1
Resource Hash
c6759d555b51663bb43d537e4ee1b67a6286af8beba8780baa00147ec5e77f63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:01 GMT
Content-Encoding
gzip
Server
WildFly/10
X-Powered-By
Undertow/1
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
X-NoCache
true
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
msgws.webspectator.com/server/ssl/2.1/ 		67 B
248 B 		Script
General
Check archive.org
Download Go to
Full URL
https://msgws.webspectator.com/server/ssl/2.1/?guid=838e4bf6-fe85-15fa-889f-904dc6ae1957&appkey=w5tlOg
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.139.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-139-177.compute-1.amazonaws.com
Software
/ Express
Resource Hash
4a2a801c9c80fdddf923fc6b0c364467a102da2ca6a46afaffca59819f030539

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 16 Mar 2023 02:35:01 GMT
X-Powered-By
Express
Transfer-Encoding
chunked
Content-Type
text/javascript
dpixel
cms.quantserve.com/ Frame 09AD 		35 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEP7HKYbW87edDY_I7goo16U&google_cver=1&google_push=Aa02lx_DH09a3SplbB8Y5l6IvUsVnCnhIWcmkQIkTTk9fsu4JW_dkW_UWpRqo6P89KsVyxRQ7r2UDIJWBWspzfVWtRIs1gyu444iZHE
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 09AD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOQTZoQNHdBEzsAoJA4JarA&google_push=Aa02lx-k3nf8E-Rup1wnWcWIpeJIlwy7xwT1wGUsGGWqUQxqCbNmQjXr7q...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOQTZoQNHdBEzsAoJA4JarA&google_push=Aa02lx-k3nf8E-Rup1wnWcWIpeJIlwy7xwT1wGUsGGWqUQxqCbNmQjXr7qBqWMKoIs4fKY6E7W-_3HQBaznzn0KxzJNAOhmqzczM1UQ
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230136-FRA
pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1678934101.099525,VS0,VE91
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOQTZoQNHdBEzsAoJA4JarA&google_push=Aa02lx-k3nf8E-Rup1wnWcWIpeJIlwy7xwT1wGUsGGWqUQxqCbNmQjXr7qBqWMKoIs4fKY6E7W-_3HQBaznzn0KxzJNAOhmqzczM1UQ
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame 09AD 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESELBtRWYRL6FNAxgkZAQBRBg&google_cver=1&google_push=Aa02lx_mxh2O2_-eVjjtuCsO1cD54kkjmSeZ0VhRmC500wZPuGaY7-yOkbW2gW24zImt4u3oMVmYeMhzWzfEmcug4SEmJRnar-H-kv8
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 09AD
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEDxrucS-iUCY8eEhVeMuwPI&google_cver=1&google_push=Aa02lx_qqQ_K_cy6Vm5YtSL5U9VcIDz5tICZjnrqiexoVq8kteXTOJuJRgyDH1-48hhTacbGf15N-_9zOuHSYPWG...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GAgVF0hATGSnbxIhnH0jiA2&google_push=Aa02lx_qqQ_K_cy6Vm5YtSL5U9VcIDz5tICZjnrqiexoVq8kteXTOJuJRgyDH1-48hhTacbGf15N-_9zOuHSYPWG3lfTS1YyUZ8OU2g
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GAgVF0hATGSnbxIhnH0jiA2&google_push=Aa02lx_qqQ_K_cy6Vm5YtSL5U9VcIDz5tICZjnrqiexoVq8kteXTOJuJRgyDH1-48hhTacbGf15N-_9zOuHSYPWG3lfTS1YyUZ8OU2g
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 16 Mar 2023 02:35:01 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GAgVF0hATGSnbxIhnH0jiA2&google_push=Aa02lx_qqQ_K_cy6Vm5YtSL5U9VcIDz5tICZjnrqiexoVq8kteXTOJuJRgyDH1-48hhTacbGf15N-_9zOuHSYPWG3lfTS1YyUZ8OU2g
x-host
tde-deliveryengine-production-86c874c4d8-klw8l
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame 09AD 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEB2DvmALjSPSROOiWO1b01I&google_cver=1&google_push=Aa02lx_XXlpOVaX4zJEuOMW6R4qoqDK3a7-BqE54XvWaZ6VJu4QyTQwWNZiZZNZnHyx6P2c2pEz6btp1hvgD7FmSNi4lyX4XMqyDFcw
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:00 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
bhk9cid8rtcd79epts6jrhkepnkbmlh2
pixel
cm.g.doubleclick.net/ Frame 09AD
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIW1UZPUzlfK-WVqhaZeB5M&google_cver=1&google_push=Aa02lx8hQQtUj0SXyN9F3RiVprySJxK23SNk7sXd1Uoj84H35s-k9XYlo-h9elntxRYAkCBF6vn2DN3dxwO43PGDH...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIW1UZPUzlfK-WVqhaZeB5M&google_cver=1&google_push=Aa02lx8hQQtUj0SXyN9F3RiVprySJxK23SNk7sXd1Uoj84H35s-k9XYlo-h9elntxRYAkCBF6vn2DN3dxwO43PGDH...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8hQQtUj0SXyN9F3RiVprySJxK23SNk7sXd1Uoj84H35s-k9XYlo-h9elntxRYAkCBF6vn2DN3dxwO43PGDH4RKMKH10AOo4mo&google_hm=GUVbuGZHvBNjuENaQKe...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8hQQtUj0SXyN9F3RiVprySJxK23SNk7sXd1Uoj84H35s-k9XYlo-h9elntxRYAkCBF6vn2DN3dxwO43PGDH4RKMKH10AOo4mo&google_hm=GUVbuGZHvBNjuENaQKekY4O-
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 16 Mar 2023 02:35:01 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx8hQQtUj0SXyN9F3RiVprySJxK23SNk7sXd1Uoj84H35s-k9XYlo-h9elntxRYAkCBF6vn2DN3dxwO43PGDH4RKMKH10AOo4mo&google_hm=GUVbuGZHvBNjuENaQKekY4O-
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 09AD
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJLFHiO6FH9Kkb0z7QJoEgw&google_cver=1&google_push=Aa02lx_O_fWDmiZl19zlO24Eb-z0I6zs1FOOX1gq2aU4Td__lTI2z8YGEVL8nItHKWZtCTQtwBvFdS1cV0apyZCegO_-4L8YB6...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NDIyMzk1MzA2MzIxMzE4Mjc5&google_push=Aa02lx_O_fWDmiZl19zlO24Eb-z0I6zs1FOOX1gq2aU4Td__lTI2z8YGEVL8nItH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NDIyMzk1MzA2MzIxMzE4Mjc5&google_push=Aa02lx_O_fWDmiZl19zlO24Eb-z0I6zs1FOOX1gq2aU4Td__lTI2z8YGEVL8nItHKWZtCTQtwBvFdS1cV0apyZCegO_-4L8YB61Qmt8
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NDIyMzk1MzA2MzIxMzE4Mjc5&google_push=Aa02lx_O_fWDmiZl19zlO24Eb-z0I6zs1FOOX1gq2aU4Td__lTI2z8YGEVL8nItHKWZtCTQtwBvFdS1cV0apyZCegO_-4L8YB61Qmt8
date
Thu, 16 Mar 2023 02:35:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 09AD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I13eRXE5PSsyRZWEIw7g8GqrpN5PrBUZG7HUaQmfxiW7cekqQiyby3g_2SkyTG1yI3jjUZ
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
loader
api.retargetly.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.retargetly.com/loader?id=3368
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/third_party/retargetly_univ_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:118d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ea93bfd5dce538d0a8fc2b3fbafd7070f9c7758709a0d770e8228dee35719ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
public, max-age=604800
cf-ray
7a8999b3da799a0f-FRA
expires
Thu Mar 23 2023 02:35:01 GMT+0000 (Coordinated Universal Time)
default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame D7D9 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ge6p0phj9812vb6rgfs87gz9fkff76m5dtcwvpawzenp68vcacfebk2jhvhd4s10kzwgx2q0es2qks9m3rfp25t4gxq493nrwmydbrk1d93rb8mdf7w37y3edtgsfzk86tejkzq80q2gkmw7f7phks39k2zhjj1e057dg24m9q012aapmzjzhp6ar6xpv5saxns760c3ybkweh4cejxtxqe95ncw6t083byyezqqrk86yp5pak9sqdvhtqemfpgwabh37c803gq3kqpy5qfwd85xyhhe0v9zdb5tsffwarvabr5thxkjkfznrc0t9mns9gdkdc68t4xcdbn5djm7j5p88e618y11d7ww3z2p57ye399vph0w6c3dvx1g2hrmrhpa2fe95pk6ghjk9jyq6dh5j9j7ypsrbgwaqrfdv0skg0b9j9a9t5kaehy0br0nc1g5mh3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqRdFVIASZN6uItfkx_AP1u6-uAKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEhAJP0Ofdx4q8XBq5tJOnYvu7qF4_hkJEYKHfiPk5yQCVoNOY0YQZ2LZjk40MIoTZW9QcTgN0lVJ9Ynl5UEPEc8XPl2UN-kn0mKkHINdiG61ZFCuNEx2TOP1XL5GgmfM3AS0lylUlDYxLRkucklXuc2NzalwG7LpHqXx5pFmFaZqdYI9S1cVvc7mPRwQ41wTg0FGr2uXVxzmv4DMtwChOeM9Giq3IwajQ8jLOZ49Lcr1LxmwMwupkQDv6tx5d0lQK2B3TPScSJyyeIc-8bV6uv6G4JzDJ1Ckdl2YV23xwaWVWhBwDXUKCHxpRyTwO4lHdVn55Iu-M_skX7Fx7jHMtz3naO4hJs-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3v7_XTkID9SZOrn-HTnhR28xABcg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1ge6p0phj9812vb6rgfs87gz9fkff76m5dtcwvpawzenp68vcacfebk2jhvhd4s10kzwgx2q0es2qks9m3rfp25t4gxq493nrwmydbrk1d93rb8mdf7w37y3edtgsfzk86tejkzq80q2gkmw7f7phks39k2zhjj1e057dg24m9q012aapmzjzhp6ar6xpv5saxns760c3ybkweh4cejxtxqe95ncw6t083byyezqqrk86yp5pak9sqdvhtqemfpgwabh37c803gq3kqpy5qfwd85xyhhe0v9zdb5tsffwarvabr5thxkjkfznrc0t9mns9gdkdc68t4xcdbn5djm7j5p88e618y11d7ww3z2p57ye399vph0w6c3dvx1g2hrmrhpa2fe95pk6ghjk9jyq6dh5j9j7ypsrbgwaqrfdv0skg0b9j9a9t5kaehy0br0nc1g5mh3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqRdFVIASZN6uItfkx_AP1u6-uAKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEhAJP0Ofdx4q8XBq5tJOnYvu7qF4_hkJEYKHfiPk5yQCVoNOY0YQZ2LZjk40MIoTZW9QcTgN0lVJ9Ynl5UEPEc8XPl2UN-kn0mKkHINdiG61ZFCuNEx2TOP1XL5GgmfM3AS0lylUlDYxLRkucklXuc2NzalwG7LpHqXx5pFmFaZqdYI9S1cVvc7mPRwQ41wTg0FGr2uXVxzmv4DMtwChOeM9Giq3IwajQ8jLOZ49Lcr1LxmwMwupkQDv6tx5d0lQK2B3TPScSJyyeIc-8bV6uv6G4JzDJ1Ckdl2YV23xwaWVWhBwDXUKCHxpRyTwO4lHdVn55Iu-M_skX7Fx7jHMtz3naO4hJs-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3v7_XTkID9SZOrn-HTnhR28xABcg%26client%3Dca-pub-4663753467999594%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1677666448
age
551350
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 10:28:06 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1677666486645030
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7g3j%2BVUior6IZq1m3oQldiWw60tNZZcx%2BLwWe0XkK0lxF5ep4klDfxX8gHBkQYHvFWg6MNHrVD6AD1gJ0fSxl9Gb3WiCc6YPh0ElfSxw9ahpAWA%2BIwgKEfJNZek5QQowFW%2BCqXQsJc4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7a8999b3fcc83a6d-FRA
expires
Thu, 16 Mar 2023 03:35:01 GMT
r62eglto.js
ad4m.at/ Frame D7D9 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ge6p0phj9812vb6rgfs87gz9fkff76m5dtcwvpawzenp68vcacfebk2jhvhd4s10kzwgx2q0es2qks9m3rfp25t4gxq493nrwmydbrk1d93rb8mdf7w37y3edtgsfzk86tejkzq80q2gkmw7f7phks39k2zhjj1e057dg24m9q012aapmzjzhp6ar6xpv5saxns760c3ybkweh4cejxtxqe95ncw6t083byyezqqrk86yp5pak9sqdvhtqemfpgwabh37c803gq3kqpy5qfwd85xyhhe0v9zdb5tsffwarvabr5thxkjkfznrc0t9mns9gdkdc68t4xcdbn5djm7j5p88e618y11d7ww3z2p57ye399vph0w6c3dvx1g2hrmrhpa2fe95pk6ghjk9jyq6dh5j9j7ypsrbgwaqrfdv0skg0b9j9a9t5kaehy0br0nc1g5mh3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqRdFVIASZN6uItfkx_AP1u6-uAKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEhAJP0Ofdx4q8XBq5tJOnYvu7qF4_hkJEYKHfiPk5yQCVoNOY0YQZ2LZjk40MIoTZW9QcTgN0lVJ9Ynl5UEPEc8XPl2UN-kn0mKkHINdiG61ZFCuNEx2TOP1XL5GgmfM3AS0lylUlDYxLRkucklXuc2NzalwG7LpHqXx5pFmFaZqdYI9S1cVvc7mPRwQ41wTg0FGr2uXVxzmv4DMtwChOeM9Giq3IwajQ8jLOZ49Lcr1LxmwMwupkQDv6tx5d0lQK2B3TPScSJyyeIc-8bV6uv6G4JzDJ1Ckdl2YV23xwaWVWhBwDXUKCHxpRyTwO4lHdVn55Iu-M_skX7Fx7jHMtz3naO4hJs-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3v7_XTkID9SZOrn-HTnhR28xABcg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
132563
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lx6WW92gdrJiIMoqi%2F69iyQFTVV7ye0l2qKfvxfFLj7bopVr5sajY%2FZFmkYTkdWzAXT1RR3fuRFJt%2BLHUdlEd6LVPK3j%2BQR9yj2Ug6PGMPxHWSZnKMcu9eAt%2BufvG3Hh1cf0T3w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7a8999b40cdb3a6d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 14 Mar 2023 13:45:37 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 54AD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVJBqVIASZP_yLfHHgAeUp4-AC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSBAk_Q7gBQpO7JbEaAFZWRB0w-AEfP81mPmsCp4pOjHh1rQcP8rckbuVsDoLXI8iODWUE2TIpv8QxowbWYYgpCed8kHfWMG736AaY1Mdd3N15owzKRbkis_hU68GN8ol96m_otgE3NL8FAqRWCTcxNTsSMqhxB8c25r5G7Qh1qlyAmHvpjHNQi3lom2ZKWxHnQsjen57_3zlcaBTKnclM72K1yuvNgEeLEUMvTzKV558rbIZuwKsJgASfQhJYM7Sgc3Zf-dL7eGxMAar5jAGLV0e50v7-nRdOhgk7ujzym8z-jiGJkQK9HuS4y_wtEpgrik0puX6-6HuegKjmggiyWwA4D4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NjYzNzUzNDY3OTk5NTk0GIewDg&sigh=sOTfpFdE798&uach_m=[UACH]&cid=CAQSPADUE5ymXbuGqGO81dgVJi3Hx7bHW4R5auEz7RZ7iEog0FwZqScqJsVEpwe99OQHzOc-rGD4ltVEUh3mqhgB
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 54AD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1j72846xqktyw67xadc02wej8egknnycse84dkxc9eyryd34wgehqm5gpp0b916q4hd90fd4t33bm3sb168nwk20veqsw56pvv5cf0z0hmv2c1d0c5htdf01413c1bk0j2nd96qc2ztydr31774hr5htdfn8ayhqf5586ybc68vppmgaw5zn93qjykq3nkfkmjafq48f4m72ee5dyj4smqenvczq3esr0cg2se5gy5jjqwkvaf5sbjwzdsec28m5y6zx187vtyv3fjjy3yjqkcfegycvr3gt3ghhs5q24m6p2ea3jserssjt0h9yzeeab5kjn6s2gj6b2twgrzh1vdyyt41c41gf5dvq8hnhq1dj7nmv0jw97ap7wrjzrg5xdkdgvwj5aad5t0g&b=ZBKAVAALeX8K4CPxAAPTlGqhLD455mD87eBzOg
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Mar 2023 02:35:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 1047 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kr6g6ejqyc6a7fr67cemxs8jyjbmtnvq692tqbpsb2khzz7j4rbf3rrxw7s1c2769e87rzb29bdp0c483wp1g10yntensmny0hjvnm96zgfmnezjb7wnzj4wzr565cmvx8rmzynxzagtwy7dg065f50txgne4xkskf8jr424859chj3svprxecr7a1n963rh0vextjksz4z7ywnt2yptsjwxw57b4aa2wb8zdc37grrckfv84jspwvfrbjr9v898fcb768dqtj0g8cfqwsdbj1rraq14tx1cdh31vgr79rryr16j2fksmm0hw80x0jr32my33f44n892e7bdadkf22hsjr3bj52mvchrztpd12tgav4rp3b7s2r9c3bj2bw07znw1d4sdna3c7hcjmyzgcf2ksap54rnpcaa3fa6rw9m3vyvrjy5mfzvc8msph2kfe0p43p58&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiEQdVIASZP_yLfHHgAeUp4-AC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_Q7gBQpO7JbEaAFZWRB0w-AEfP81mPmsCp4pOjHh1rQcP8rckbuVsDoLXI8iODWUE2TIpv8QxowbWYYgpCed8kHfWMG736AaY1Mdd3N15owzKRbkis_hU68GN8ol96m_otgE3NL8FAqRWCTcxNTsSMqhxB8c25r5G7Qh1qlyAmHvpjHNQi3lom2ZKWxHnQsjen57_3zlcaBTKnclM72K1yuvNgEeLEUMvTzKV558rbIZuwKsJgASfQhJYM7Sgc3Zf-dL7eGxMAar5jAGLV0e50v7-nRdOhgk7uj36k0q10ceUkiCgPL_R7bfl9sgBPmWR2gi94V3VYvieMmvlKX07Luxq_4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1EJRfbFprEuTn7cAn6LhfHQw5NlQ%26client%3Dca-pub-4663753467999594%26adurl%3D
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ef9eb1233bfaa6a0827c89f3f5a427c446f84033d172144e8a6abee84d5e39f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a8999b3fcce3a6d-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:35:01 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 54AD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 22:31:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
14631
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Mar 2023 22:31:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0920 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51100
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Mar 2023 12:23:21 GMT
etag
48472445140208031
expires
Thu, 16 Mar 2023 12:23:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 54AD 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9161954861bb1fd7d5044d99f9ce04137b3836979ce8c5c75d224642f57c3f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 18:10:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
30269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8559
x-xss-protection
0
server
cafe
etag
11326455550778179109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Mar 2023 18:10:32 GMT
l
www.google.com/ads/measurement/ Frame 54AD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ3P5gBA8fxJdCwvY-N3RHOJ1xycAYzEzXAkd52vL17_EmOgdHRCNW36VuPjDq3wtBHkigGPZ2qYxFLVuy508r2kgPHaw
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 54AD 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 10:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
575012
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 08 Mar 2024 10:51:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 54AD 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Mar 2023 02:35:01 GMT
default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 1047 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kr6g6ejqyc6a7fr67cemxs8jyjbmtnvq692tqbpsb2khzz7j4rbf3rrxw7s1c2769e87rzb29bdp0c483wp1g10yntensmny0hjvnm96zgfmnezjb7wnzj4wzr565cmvx8rmzynxzagtwy7dg065f50txgne4xkskf8jr424859chj3svprxecr7a1n963rh0vextjksz4z7ywnt2yptsjwxw57b4aa2wb8zdc37grrckfv84jspwvfrbjr9v898fcb768dqtj0g8cfqwsdbj1rraq14tx1cdh31vgr79rryr16j2fksmm0hw80x0jr32my33f44n892e7bdadkf22hsjr3bj52mvchrztpd12tgav4rp3b7s2r9c3bj2bw07znw1d4sdna3c7hcjmyzgcf2ksap54rnpcaa3fa6rw9m3vyvrjy5mfzvc8msph2kfe0p43p58&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiEQdVIASZP_yLfHHgAeUp4-AC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_Q7gBQpO7JbEaAFZWRB0w-AEfP81mPmsCp4pOjHh1rQcP8rckbuVsDoLXI8iODWUE2TIpv8QxowbWYYgpCed8kHfWMG736AaY1Mdd3N15owzKRbkis_hU68GN8ol96m_otgE3NL8FAqRWCTcxNTsSMqhxB8c25r5G7Qh1qlyAmHvpjHNQi3lom2ZKWxHnQsjen57_3zlcaBTKnclM72K1yuvNgEeLEUMvTzKV558rbIZuwKsJgASfQhJYM7Sgc3Zf-dL7eGxMAar5jAGLV0e50v7-nRdOhgk7uj36k0q10ceUkiCgPL_R7bfl9sgBPmWR2gi94V3VYvieMmvlKX07Luxq_4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1EJRfbFprEuTn7cAn6LhfHQw5NlQ%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kr6g6ejqyc6a7fr67cemxs8jyjbmtnvq692tqbpsb2khzz7j4rbf3rrxw7s1c2769e87rzb29bdp0c483wp1g10yntensmny0hjvnm96zgfmnezjb7wnzj4wzr565cmvx8rmzynxzagtwy7dg065f50txgne4xkskf8jr424859chj3svprxecr7a1n963rh0vextjksz4z7ywnt2yptsjwxw57b4aa2wb8zdc37grrckfv84jspwvfrbjr9v898fcb768dqtj0g8cfqwsdbj1rraq14tx1cdh31vgr79rryr16j2fksmm0hw80x0jr32my33f44n892e7bdadkf22hsjr3bj52mvchrztpd12tgav4rp3b7s2r9c3bj2bw07znw1d4sdna3c7hcjmyzgcf2ksap54rnpcaa3fa6rw9m3vyvrjy5mfzvc8msph2kfe0p43p58&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiEQdVIASZP_yLfHHgAeUp4-AC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_Q7gBQpO7JbEaAFZWRB0w-AEfP81mPmsCp4pOjHh1rQcP8rckbuVsDoLXI8iODWUE2TIpv8QxowbWYYgpCed8kHfWMG736AaY1Mdd3N15owzKRbkis_hU68GN8ol96m_otgE3NL8FAqRWCTcxNTsSMqhxB8c25r5G7Qh1qlyAmHvpjHNQi3lom2ZKWxHnQsjen57_3zlcaBTKnclM72K1yuvNgEeLEUMvTzKV558rbIZuwKsJgASfQhJYM7Sgc3Zf-dL7eGxMAar5jAGLV0e50v7-nRdOhgk7uj36k0q10ceUkiCgPL_R7bfl9sgBPmWR2gi94V3VYvieMmvlKX07Luxq_4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1EJRfbFprEuTn7cAn6LhfHQw5NlQ%26client%3Dca-pub-4663753467999594%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1677666448
age
57689
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 10:28:06 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1677666486645030
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YymaoaKkKH%2BMwEw3xfI7xfPQMEQTeYtmrP8RaiH5pLSCY94AkUqIPgLOKJqmyPSeaCcTi6qn1jRtBR79CIQ7ds2DoLe%2FDinXiqaDia1y5BwGp017Zx%2BCJBNgLdyf7hRLKPxIkucBHNM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7a8999b46fd59213-FRA
expires
Thu, 16 Mar 2023 03:35:01 GMT
r62eglto.js
ad4m.at/ Frame 1047 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kr6g6ejqyc6a7fr67cemxs8jyjbmtnvq692tqbpsb2khzz7j4rbf3rrxw7s1c2769e87rzb29bdp0c483wp1g10yntensmny0hjvnm96zgfmnezjb7wnzj4wzr565cmvx8rmzynxzagtwy7dg065f50txgne4xkskf8jr424859chj3svprxecr7a1n963rh0vextjksz4z7ywnt2yptsjwxw57b4aa2wb8zdc37grrckfv84jspwvfrbjr9v898fcb768dqtj0g8cfqwsdbj1rraq14tx1cdh31vgr79rryr16j2fksmm0hw80x0jr32my33f44n892e7bdadkf22hsjr3bj52mvchrztpd12tgav4rp3b7s2r9c3bj2bw07znw1d4sdna3c7hcjmyzgcf2ksap54rnpcaa3fa6rw9m3vyvrjy5mfzvc8msph2kfe0p43p58&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiEQdVIASZP_yLfHHgAeUp4-AC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_Q7gBQpO7JbEaAFZWRB0w-AEfP81mPmsCp4pOjHh1rQcP8rckbuVsDoLXI8iODWUE2TIpv8QxowbWYYgpCed8kHfWMG736AaY1Mdd3N15owzKRbkis_hU68GN8ol96m_otgE3NL8FAqRWCTcxNTsSMqhxB8c25r5G7Qh1qlyAmHvpjHNQi3lom2ZKWxHnQsjen57_3zlcaBTKnclM72K1yuvNgEeLEUMvTzKV558rbIZuwKsJgASfQhJYM7Sgc3Zf-dL7eGxMAar5jAGLV0e50v7-nRdOhgk7uj36k0q10ceUkiCgPL_R7bfl9sgBPmWR2gi94V3VYvieMmvlKX07Luxq_4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1EJRfbFprEuTn7cAn6LhfHQw5NlQ%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
132564
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SibYqelk5O5RstOqKGU1IMUh1VdMb835cz4RAQBqQtYMYOytsWqk2tWk8YEKAl92mxrMAGcXZ5WfLLfZNkLZeIeZyf%2Fm4YZ3Y9xkhi4BFHSOob135JbN2JN7t8QW5POxIbAD%2FEM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7a8999b46fd69213-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 14 Mar 2023 13:45:37 GMT
System
www.dataunion.com.br/home/ 		145 B
336 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dataunion.com.br/home/System?system=b8937c6a-e6fc-4276-a974-73656d502a37&callback=jsonp_callback_23288
Requested by
Host: www.dataunion.com.br
URL: https://www.dataunion.com.br/6e5a2071-a481-4f87-a09b-4f996121ee30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
187.72.39.252 São Paulo, Brazil, ASN16735 (ALGAR TELECOM SA, BR),
Reverse DNS
www.dataunion.com.br
Software
/
Resource Hash
350f98951fa87bbd8b395a96d265fa9e4bbce056f193065edf8f71cbd56bcfe1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:00 GMT
content-encoding
gzip
access-control-allow-methods
GET, POST
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
content-length
148
ws-ad.js
wfpscripts.webspectator.com/ Frame 00B3 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
truncated
/ Frame 54AD 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f07619f52ec7903a7fe5c9725c9b742a44376c677bb67b3f58f0e5b0368d03d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 0920
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBQAEmbQlyIMXv9xJ8u4VAM&google_cver=1&google_push=Aa02lx-Hd8mbuevGeOqeIkSNjia9pMMGpL_7mUmAJviZYLjJQ5e3GGIxpl...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx-Hd8mbuevGeOqeIkSNjia9pMMGpL_7mUmAJviZYLjJQ5e3GGIxpl6vj21GgLfdgbtQGSFag2CyEMk0NyNtdhiLpXL9rUm1&google_hm=RRHcez6TAyIA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx-Hd8mbuevGeOqeIkSNjia9pMMGpL_7mUmAJviZYLjJQ5e3GGIxpl6vj21GgLfdgbtQGSFag2CyEMk0NyNtdhiLpXL9rUm1&google_hm=RRHcez6TAyIA49RpZJ4gmQ
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx-Hd8mbuevGeOqeIkSNjia9pMMGpL_7mUmAJviZYLjJQ5e3GGIxpl6vj21GgLfdgbtQGSFag2CyEMk0NyNtdhiLpXL9rUm1&google_hm=RRHcez6TAyIA49RpZJ4gmQ
pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 0920 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAa02lx8Qz6i-8PI6vAISfejaEDfj-A4srJbHb6QF5H1Rqa95dtmwbIKNEH_0A8HJYyzzgoThK_A5qv5LNAssGmj4uLnU-n7ARio&google_gid=CAESEMQ6JMWPMmsMSAqUmMKkOYc&google_cver=1
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame 0920 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEPeHcUIlsCt3xWHlcjGdQL4&google_cver=1&google_push=Aa02lx-i-EpgcH1SVkLxqJRtHfTyqnmxEYXhbHLBx6xCtP2rHe2RCrfSzEFpRFXyw69MCc3cm5puu5L-0tQCsgxGsUXNKn1jaP7_
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:00 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
2uf4rb33jj1sp1n49njqs1imnm7e32mi
pixel
cm.g.doubleclick.net/ Frame 0920
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R2P-67vIS-uNSMH57vsZFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R2P-67vIS-uNSMH57vsZFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8gQv5227PO6zn3MBhy6BGTi2eodaRCAFsknpp4fd0ihza0qVwF7cMEA4DeTtCHtbm1twFmkw08Y8OSNAkQ0HlOJ3rIVFf-
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R2P-67vIS-uNSMH57vsZFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8gQv5227PO6zn3MBhy6BGTi2eodaRCAFsknpp4fd0ihza0qVwF7cMEA4DeTtCHtbm1twFmkw08Y8OSNAkQ0HlOJ3rIVFf-
date
Thu, 16 Mar 2023 02:35:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 0920
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELOOnR3Or4tGNfqO-ZuswaA&google_cver=1&google_push=Aa02lx85E8rOQu4lkCttf0xwdwm_bc0vg7NbMPVuYPQ3_xD5gvMbiibdmmwnrmqyFqQ6cHkYMLO...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZBSTBKS1MtMi0yV0FE&google_push=Aa02lx85E8rOQu4lkCttf0xwdwm_bc0vg7NbMPVuYPQ3_xD5gvMbiibdmmwnrmqyFqQ6cHkYMLOGGNjeoQvbJaEHmoJQQ3Reaxs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZBSTBKS1MtMi0yV0FE&google_push=Aa02lx85E8rOQu4lkCttf0xwdwm_bc0vg7NbMPVuYPQ3_xD5gvMbiibdmmwnrmqyFqQ6cHkYMLOGGNjeoQvbJaEHmoJQQ3Reaxs
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZBSTBKS1MtMi0yV0FE&google_push=Aa02lx85E8rOQu4lkCttf0xwdwm_bc0vg7NbMPVuYPQ3_xD5gvMbiibdmmwnrmqyFqQ6cHkYMLOGGNjeoQvbJaEHmoJQQ3Reaxs
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame 0920
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA4gwKpoxe-yiswdCzBKdo8&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEA4gwKpoxe-yiswdCzBKdo8&google_push=Aa...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA4gwKpoxe-yiswdCzBKdo8&google_hm=ZBKAVfho4sdd9xtVFr86WwAAFJkAAAIB&google_nid=index&google_push=Aa02lx8E78Q2cUQdJ1hM_vQAEvyNdAvlfaxgL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA4gwKpoxe-yiswdCzBKdo8&google_hm=ZBKAVfho4sdd9xtVFr86WwAAFJkAAAIB&google_nid=index&google_push=Aa02lx8E78Q2cUQdJ1hM_vQAEvyNdAvlfaxgLg_61Oi5ZmGA_I3NCirdDVM9-Ap8AiLpb4JhyDm3gDvy1RsMXOMoSJi50-6fJmXc
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA4gwKpoxe-yiswdCzBKdo8&google_hm=ZBKAVfho4sdd9xtVFr86WwAAFJkAAAIB&google_nid=index&google_push=Aa02lx8E78Q2cUQdJ1hM_vQAEvyNdAvlfaxgLg_61Oi5ZmGA_I3NCirdDVM9-Ap8AiLpb4JhyDm3gDvy1RsMXOMoSJi50-6fJmXc
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
trk
ag.innovid.com/ Frame 0920 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEKeIaT3YMyMLj8drVOLgHhM&google_cver=1&google_push=Aa02lx9q5OV-mxxB2ZBnYFYkQNvrc7ilhf3am2UuYX_N5ijx0mcyqLF2d_Pmmmtc5V9rLRnqfscvysrBYBJFDfeSbPUD8lm5zjn5
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8102:54e2:82c3:807e:8ba London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
cache-control
no-cache
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 0920 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JdZPF46egPqIEidcwVBcmgvMm4QbR--42G4dZ4xnUwQhcKvW6L7B3rPw2DfKDM0UVdynTI
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
frame.html
ad4m.at/ Frame 8EB4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
293466
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7a8999b4bfeb9213-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 16 Mar 2023 02:35:01 GMT
expires
Mon, 27 Feb 2023 21:37:06 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2Ft2SfwxBIp0q3sr2d9ZiXpirYs%2FjpZV2q7nf14iny%2FK2NqOt5a%2BGq3aL4ldfdhTismSP0zW%2BqJAWbhsOTdSB5vfTk9V2oQU8hEE0OPRfNp7vAuunetYrRow5A90jx0%2BwFPahnQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1047 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
959
x-guploader-uploadid
ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9Syz%2BfDs1XwagkDuP5KQ5n2pHWYbZWduFDfZlGMqmYNetwVFLr94%2BbahZ%2Fxs3J6E9qvU2dBY25JbiwHFXG9mrntAdW3GoUe%2BZ1XCHfYXLB4Yy9%2BeoSAplMcQuAGXfAWwphSdXL3uCmBzEfbjXze5eV8"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7a8999b4efe1901c-FRA
expires
Thu, 16 Mar 2023 03:09:11 GMT
frame.html
ad4m.at/ Frame 6CF5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
293466
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7a8999b4bff09213-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 16 Mar 2023 02:35:01 GMT
expires
Mon, 27 Feb 2023 21:37:06 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JD31xWkpLsye29nJTRdWFySncreb2x95ryYMzC2mH%2Ff89FRpr%2Fmfw1Ni9n6pWNzp%2BfBuY%2FKzMgFC%2B%2FYgeokQv8q2nSLEdmUL6tifJ5w04MALu7ZgpuPC3r%2BmiAU5qTMV0QGlI8k%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ws-ad.js
wfpscripts.webspectator.com/ Frame DE32 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
rs
ad4m.at/ Frame 1047 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b099db3da1b8df039a52f312d3c11cadb45738036cbcb1d27bd693c698a585c

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yJduNdK%2BzyVh2KL9Jpk4WxOLsgXwL8H7q9nXgpGvSzPIRfaWHFmMQgWXObtsG%2FoSn%2BFVUXjFnM5RLPGbyHa9asXIWcC8hJfn%2FVSPYDruvsOqzKG3%2B3R9MZFf%2BIfBZJcvUkAAgU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7a8999b58fc99295-FRA
x-backend-server
aa-reachservice-group-europe-west1-8tkt
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a8999b53fab9295-FRA
content-length
24
content-type
text/plain
date
Thu, 16 Mar 2023 02:35:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XIE7osV5aU3QMhXb01ngFAm8SkkdkcZNhjxOWUepHjyWrTRpMyvQQuonxx3H%2FflWVfUhxXM%2BMq4w4cOsVabQjjWP1R17kFcN9thhDCh105KLIczECeJVUoRbPyOZnLDVkvtuFas%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-8tkt
rs
ad4m.at/ Frame D7D9 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc451e9c012385a447dc5f65ccdf0f5c3e06932bdf734f8842c184439b2ce7d6

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJhWJyhfjTnJyiLwLUWNTtEUlIAmtohW1IBNB4JxQEJsWmyOW0pwjezbskWVEQlRFGtBHgW9WO3m%2FwVcCWwd5Cc%2B6P%2FCxfuAnxvAaqnfkieH0JV%2BIRthTV3Y2qisucIE7x0ABEg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7a8999b58fc89295-FRA
x-backend-server
aa-reachservice-group-europe-west1-8tkt
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a8999b53faa9295-FRA
content-length
24
content-type
text/plain
date
Thu, 16 Mar 2023 02:35:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0ErdEPKmmAaIvOi1jKU5bOxmKGZeO2IX%2BrV%2BmZ8gVOIpYXEnO0UnRsWU4aSQ6cD5O3kguQYXn7dq6uk5fDix748NTjR0fR8VRlNmv9nRZfFupQ7FabouqPQ%2B8Ho5%2BnN%2FNuyRWc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-8tkt
T2.min.js
resources-rt.idx.lat/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources-rt.idx.lat/T2.min.js
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/loader?id=3368
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4acb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8efa0eab429a14422a4ac296450bac0e25c5df201ff1cb8702428de7db12e38d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
gzip
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P6
age
943
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 24 Feb 2023 15:55:49 GMT
server
cloudflare
etag
W/"8e0df47ad15b6ffe9c938c99281a87da"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=86400
cf-ray
7a8999b59962bbda-FRA
x-amz-cf-id
7UDcYtbHDSH_zoFOU51gUrEQLd1h2W6X-KlzgUBpfygsVKGqa3fTsg==
api
api.retargetly.com/ Frame A8BB
Redirect Chain
  • https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa...
  • https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa...
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa%C3%A7%C3%A3o%20e%20interesse%20geral%20do%20Brasil&mk=&il=0&limit_drop=&userid=925d32e2-f5b2-4194-978f-0a1081db4ee1&idx=&fullVersionList=&platform=&_rlid=925d32e2-f5b2-4194-978f-0a1081db4ee1
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/loader?id=3368
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:118d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b50e47cb27a315b852f291b6e3c63d64397154965b7cf3971d1ac17cfdc477c4

Request headers

Referer
https://istoe.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7a8999b5eb8d9a0f-FRA
content-encoding
gzip
content-type
text/html
date
Thu, 16 Mar 2023 02:35:01 GMT
expires
0
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
pragma
no-cache
server
cloudflare

Redirect headers

access-control-allow-origin
*
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7a8999b54b309a0f-FRA
content-type
application/javascript
date
Thu, 16 Mar 2023 02:35:01 GMT
expires
0
location
/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa%C3%A7%C3%A3o%20e%20interesse%20geral%20do%20Brasil&mk=&il=0&limit_drop=&userid=925d32e2-f5b2-4194-978f-0a1081db4ee1&idx=&fullVersionList=&platform=&_rlid=925d32e2-f5b2-4194-978f-0a1081db4ee1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
pragma
no-cache
server
cloudflare
ws-ad.js
wfpscripts.webspectator.com/ Frame DD01 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%22pos%22%3A%5B%222%22%5D%7D&w=728&h=90&wsRotSlot=&isda=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
ws-ad.js
wfpscripts.webspectator.com/ Frame F0D5 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%22pos%22%3A%5B%22top%22%5D%7D&w=728&h=90&wsRotSlot=&isda=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
/
rt.idx.lat/idx/ 		182 B
500 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rt.idx.lat/idx/
Requested by
Host: resources-rt.idx.lat
URL: https://resources-rt.idx.lat/T2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.154.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-154-92.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
38cf0f0a1ddbfe3571789926232369a2e69394522990c08511ff1b12ec62b6e1

Request headers

Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
server
awselb/2.0
access-control-allow-methods
OPTIONS,POST
content-type
application/json
access-control-allow-origin
https://istoe.com.br
access-control-allow-credentials
true
access-control-allow-headers
content-type
content-length
182
/
rt.idx.lat/idx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rt.idx.lat/idx/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.154.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-154-92.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://istoe.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://istoe.com.br
content-length
0
content-type
application/json
date
Thu, 16 Mar 2023 02:35:01 GMT
server
awselb/2.0
rar
as.ad4m.at/ad/ Frame 2F13 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=117569%2C23576%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=300&d=250&e=&g=25e6c7aeb1b44dbbf8c55b0596511241%2F2691818786668666848&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101377&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5gkp344grpf1az49ek8szpjtqymffqs7q44mc3bdg7shr3s98w09eh25ajbta2rj5bm3awpwxh63vzj6e8fp8y882rm3mf4py61h1fesdvqba6w1vsh1jpxb813pvanyka1nd0vwkm34xss9d00dhj2rsth217nzhj4pp5wc3d1nk03gpejbxz9r66ab7hwzq2wrf4d04nbgtgpxedfggytktscsy6zwj7cx769vhx5kj9grr1qt6hqtsbjbhk7j0e1jjc9argefpw8qgtbbbs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiEQdVIASZP_yLfHHgAeUp4-AC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_Q7gBQpO7JbEaAFZWRB0w-AEfP81mPmsCp4pOjHh1rQcP8rckbuVsDoLXI8iODWUE2TIpv8QxowbWYYgpCed8kHfWMG736AaY1Mdd3N15owzKRbkis_hU68GN8ol96m_otgE3NL8FAqRWCTcxNTsSMqhxB8c25r5G7Qh1qlyAmHvpjHNQi3lom2ZKWxHnQsjen57_3zlcaBTKnclM72K1yuvNgEeLEUMvTzKV558rbIZuwKsJgASfQhJYM7Sgc3Zf-dL7eGxMAar5jAGLV0e50v7-nRdOhgk7uj36k0q10ceUkiCgPL_R7bfl9sgBPmWR2gi94V3VYvieMmvlKX07Luxq_4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1EJRfbFprEuTn7cAn6LhfHQw5NlQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ffa18de6a57d80459476d5bb52bbb417c61e77d2f92b1328431b4e27cb83141
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kr6g6ejqyc6a7fr67cemxs8jyjbmtnvq692tqbpsb2khzz7j4rbf3rrxw7s1c2769e87rzb29bdp0c483wp1g10yntensmny0hjvnm96zgfmnezjb7wnzj4wzr565cmvx8rmzynxzagtwy7dg065f50txgne4xkskf8jr424859chj3svprxecr7a1n963rh0vextjksz4z7ywnt2yptsjwxw57b4aa2wb8zdc37grrckfv84jspwvfrbjr9v898fcb768dqtj0g8cfqwsdbj1rraq14tx1cdh31vgr79rryr16j2fksmm0hw80x0jr32my33f44n892e7bdadkf22hsjr3bj52mvchrztpd12tgav4rp3b7s2r9c3bj2bw07znw1d4sdna3c7hcjmyzgcf2ksap54rnpcaa3fa6rw9m3vyvrjy5mfzvc8msph2kfe0p43p58&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiEQdVIASZP_yLfHHgAeUp4-AC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_Q7gBQpO7JbEaAFZWRB0w-AEfP81mPmsCp4pOjHh1rQcP8rckbuVsDoLXI8iODWUE2TIpv8QxowbWYYgpCed8kHfWMG736AaY1Mdd3N15owzKRbkis_hU68GN8ol96m_otgE3NL8FAqRWCTcxNTsSMqhxB8c25r5G7Qh1qlyAmHvpjHNQi3lom2ZKWxHnQsjen57_3zlcaBTKnclM72K1yuvNgEeLEUMvTzKV558rbIZuwKsJgASfQhJYM7Sgc3Zf-dL7eGxMAar5jAGLV0e50v7-nRdOhgk7uj36k0q10ceUkiCgPL_R7bfl9sgBPmWR2gi94V3VYvieMmvlKX07Luxq_4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1EJRfbFprEuTn7cAn6LhfHQw5NlQ%26client%3Dca-pub-4663753467999594%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a8999b5c8669213-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:35:01 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame EA63 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=50&e=&g=3fd3a9e393a89ccf7cfc346b485cc1e6%2F13706121768195100782&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101378&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gdmwkbp2zn0k1wpnbk3dxy7hw8vx5q3nx00a79f0w25fpky3e8bddm2dht5qbq2vew0za126z8jcrbazydrwxwmx55w0ka0cdz6mexmnfykambxeprqpj82krntj5x2v2m812vmhxzk97cttztv2xdwh51ft329rkavk7rntpz63drqqscs08m3cm0me4866c612adggdcmxsrckns5hdtzh7jpbmggqnvxhj54s75ksrhnz0xp0aj7nvh9bvrt6sx0redw3kwxhsddrz4fahdc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqRdFVIASZN6uItfkx_AP1u6-uAKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEhAJP0Ofdx4q8XBq5tJOnYvu7qF4_hkJEYKHfiPk5yQCVoNOY0YQZ2LZjk40MIoTZW9QcTgN0lVJ9Ynl5UEPEc8XPl2UN-kn0mKkHINdiG61ZFCuNEx2TOP1XL5GgmfM3AS0lylUlDYxLRkucklXuc2NzalwG7LpHqXx5pFmFaZqdYI9S1cVvc7mPRwQ41wTg0FGr2uXVxzmv4DMtwChOeM9Giq3IwajQ8jLOZ49Lcr1LxmwMwupkQDv6tx5d0lQK2B3TPScSJyyeIc-8bV6uv6G4JzDJ1Ckdl2YV23xwaWVWhBwDXUKCHxpRyTwO4lHdVn55Iu-M_skX7Fx7jHMtz3naO4hJs-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3v7_XTkID9SZOrn-HTnhR28xABcg%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5e34069049c0537d4f9e88f2af7b9cf4ec04fed90365f2ef2e8dbd2ed8fc784
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1ge6p0phj9812vb6rgfs87gz9fkff76m5dtcwvpawzenp68vcacfebk2jhvhd4s10kzwgx2q0es2qks9m3rfp25t4gxq493nrwmydbrk1d93rb8mdf7w37y3edtgsfzk86tejkzq80q2gkmw7f7phks39k2zhjj1e057dg24m9q012aapmzjzhp6ar6xpv5saxns760c3ybkweh4cejxtxqe95ncw6t083byyezqqrk86yp5pak9sqdvhtqemfpgwabh37c803gq3kqpy5qfwd85xyhhe0v9zdb5tsffwarvabr5thxkjkfznrc0t9mns9gdkdc68t4xcdbn5djm7j5p88e618y11d7ww3z2p57ye399vph0w6c3dvx1g2hrmrhpa2fe95pk6ghjk9jyq6dh5j9j7ypsrbgwaqrfdv0skg0b9j9a9t5kaehy0br0nc1g5mh3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqRdFVIASZN6uItfkx_AP1u6-uAKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEhAJP0Ofdx4q8XBq5tJOnYvu7qF4_hkJEYKHfiPk5yQCVoNOY0YQZ2LZjk40MIoTZW9QcTgN0lVJ9Ynl5UEPEc8XPl2UN-kn0mKkHINdiG61ZFCuNEx2TOP1XL5GgmfM3AS0lylUlDYxLRkucklXuc2NzalwG7LpHqXx5pFmFaZqdYI9S1cVvc7mPRwQ41wTg0FGr2uXVxzmv4DMtwChOeM9Giq3IwajQ8jLOZ49Lcr1LxmwMwupkQDv6tx5d0lQK2B3TPScSJyyeIc-8bV6uv6G4JzDJ1Ckdl2YV23xwaWVWhBwDXUKCHxpRyTwO4lHdVn55Iu-M_skX7Fx7jHMtz3naO4hJs-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3v7_XTkID9SZOrn-HTnhR28xABcg%26client%3Dca-pub-4663753467999594%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a8999b5c8679213-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:35:01 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
container.html
3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D90A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://istoe.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:34:59 GMT
expires
Fri, 15 Mar 2024 02:34:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
SystemObject
www.dataunion.com.br/Home/ 		93 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dataunion.com.br/Home/SystemObject
Requested by
Host: www.dataunion.com.br
URL: https://www.dataunion.com.br/6e5a2071-a481-4f87-a09b-4f996121ee30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
187.72.39.252 São Paulo, Brazil, ASN16735 (ALGAR TELECOM SA, BR),
Reverse DNS
www.dataunion.com.br
Software
/
Resource Hash
b639deaa2722cec90d6103c6e70b21d8836db3e2a6c5a5fe1624c9c73eb4dd6d

Request headers

Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
gzip
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
content-length
94
default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame EA63 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=50&e=&g=3fd3a9e393a89ccf7cfc346b485cc1e6%2F13706121768195100782&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101378&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gdmwkbp2zn0k1wpnbk3dxy7hw8vx5q3nx00a79f0w25fpky3e8bddm2dht5qbq2vew0za126z8jcrbazydrwxwmx55w0ka0cdz6mexmnfykambxeprqpj82krntj5x2v2m812vmhxzk97cttztv2xdwh51ft329rkavk7rntpz63drqqscs08m3cm0me4866c612adggdcmxsrckns5hdtzh7jpbmggqnvxhj54s75ksrhnz0xp0aj7nvh9bvrt6sx0redw3kwxhsddrz4fahdc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqRdFVIASZN6uItfkx_AP1u6-uAKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEhAJP0Ofdx4q8XBq5tJOnYvu7qF4_hkJEYKHfiPk5yQCVoNOY0YQZ2LZjk40MIoTZW9QcTgN0lVJ9Ynl5UEPEc8XPl2UN-kn0mKkHINdiG61ZFCuNEx2TOP1XL5GgmfM3AS0lylUlDYxLRkucklXuc2NzalwG7LpHqXx5pFmFaZqdYI9S1cVvc7mPRwQ41wTg0FGr2uXVxzmv4DMtwChOeM9Giq3IwajQ8jLOZ49Lcr1LxmwMwupkQDv6tx5d0lQK2B3TPScSJyyeIc-8bV6uv6G4JzDJ1Ckdl2YV23xwaWVWhBwDXUKCHxpRyTwO4lHdVn55Iu-M_skX7Fx7jHMtz3naO4hJs-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3v7_XTkID9SZOrn-HTnhR28xABcg%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=50&e=&g=3fd3a9e393a89ccf7cfc346b485cc1e6%2F13706121768195100782&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101378&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gdmwkbp2zn0k1wpnbk3dxy7hw8vx5q3nx00a79f0w25fpky3e8bddm2dht5qbq2vew0za126z8jcrbazydrwxwmx55w0ka0cdz6mexmnfykambxeprqpj82krntj5x2v2m812vmhxzk97cttztv2xdwh51ft329rkavk7rntpz63drqqscs08m3cm0me4866c612adggdcmxsrckns5hdtzh7jpbmggqnvxhj54s75ksrhnz0xp0aj7nvh9bvrt6sx0redw3kwxhsddrz4fahdc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqRdFVIASZN6uItfkx_AP1u6-uAKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEhAJP0Ofdx4q8XBq5tJOnYvu7qF4_hkJEYKHfiPk5yQCVoNOY0YQZ2LZjk40MIoTZW9QcTgN0lVJ9Ynl5UEPEc8XPl2UN-kn0mKkHINdiG61ZFCuNEx2TOP1XL5GgmfM3AS0lylUlDYxLRkucklXuc2NzalwG7LpHqXx5pFmFaZqdYI9S1cVvc7mPRwQ41wTg0FGr2uXVxzmv4DMtwChOeM9Giq3IwajQ8jLOZ49Lcr1LxmwMwupkQDv6tx5d0lQK2B3TPScSJyyeIc-8bV6uv6G4JzDJ1Ckdl2YV23xwaWVWhBwDXUKCHxpRyTwO4lHdVn55Iu-M_skX7Fx7jHMtz3naO4hJs-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3v7_XTkID9SZOrn-HTnhR28xABcg%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1677666448
age
57689
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 10:28:06 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1677666486645030
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUfk4IPFQM71icXa2G011q4Av87oqMDbACtgHSVMwPXZ%2F2TK4b9fShs6VX8gr9i4v5hsLOV%2Fzz1DL%2FlBFxmHx8DpTmm5Qas2gwi%2FnIu0KvRuReO6zPRBf4OcO9wiHrn3ywCetiTjpzY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7a8999b6088d9213-FRA
expires
Thu, 16 Mar 2023 03:35:01 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame EA63 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=50&e=&g=3fd3a9e393a89ccf7cfc346b485cc1e6%2F13706121768195100782&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101378&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gdmwkbp2zn0k1wpnbk3dxy7hw8vx5q3nx00a79f0w25fpky3e8bddm2dht5qbq2vew0za126z8jcrbazydrwxwmx55w0ka0cdz6mexmnfykambxeprqpj82krntj5x2v2m812vmhxzk97cttztv2xdwh51ft329rkavk7rntpz63drqqscs08m3cm0me4866c612adggdcmxsrckns5hdtzh7jpbmggqnvxhj54s75ksrhnz0xp0aj7nvh9bvrt6sx0redw3kwxhsddrz4fahdc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqRdFVIASZN6uItfkx_AP1u6-uAKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEhAJP0Ofdx4q8XBq5tJOnYvu7qF4_hkJEYKHfiPk5yQCVoNOY0YQZ2LZjk40MIoTZW9QcTgN0lVJ9Ynl5UEPEc8XPl2UN-kn0mKkHINdiG61ZFCuNEx2TOP1XL5GgmfM3AS0lylUlDYxLRkucklXuc2NzalwG7LpHqXx5pFmFaZqdYI9S1cVvc7mPRwQ41wTg0FGr2uXVxzmv4DMtwChOeM9Giq3IwajQ8jLOZ49Lcr1LxmwMwupkQDv6tx5d0lQK2B3TPScSJyyeIc-8bV6uv6G4JzDJ1Ckdl2YV23xwaWVWhBwDXUKCHxpRyTwO4lHdVn55Iu-M_skX7Fx7jHMtz3naO4hJs-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3v7_XTkID9SZOrn-HTnhR28xABcg%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1033717
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2UK2O2vYxxmC01YxkpNKD2mQIk2Uozv5btuO4FI9YrKEScndW8heM1VvH5e9sEfMYnYSgzEl9BIGYF3tKuXhLXritr7%2FXdqN5ivTHqZq82nGjXvVzC8MPDjCERWTsyM%2BWjDfSh0btMiPgha"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999b61e2d3a6d-FRA
expires
Fri, 17 Mar 2023 02:35:01 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame EA63 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=50&e=&g=3fd3a9e393a89ccf7cfc346b485cc1e6%2F13706121768195100782&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101378&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gdmwkbp2zn0k1wpnbk3dxy7hw8vx5q3nx00a79f0w25fpky3e8bddm2dht5qbq2vew0za126z8jcrbazydrwxwmx55w0ka0cdz6mexmnfykambxeprqpj82krntj5x2v2m812vmhxzk97cttztv2xdwh51ft329rkavk7rntpz63drqqscs08m3cm0me4866c612adggdcmxsrckns5hdtzh7jpbmggqnvxhj54s75ksrhnz0xp0aj7nvh9bvrt6sx0redw3kwxhsddrz4fahdc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqRdFVIASZN6uItfkx_AP1u6-uAKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEhAJP0Ofdx4q8XBq5tJOnYvu7qF4_hkJEYKHfiPk5yQCVoNOY0YQZ2LZjk40MIoTZW9QcTgN0lVJ9Ynl5UEPEc8XPl2UN-kn0mKkHINdiG61ZFCuNEx2TOP1XL5GgmfM3AS0lylUlDYxLRkucklXuc2NzalwG7LpHqXx5pFmFaZqdYI9S1cVvc7mPRwQ41wTg0FGr2uXVxzmv4DMtwChOeM9Giq3IwajQ8jLOZ49Lcr1LxmwMwupkQDv6tx5d0lQK2B3TPScSJyyeIc-8bV6uv6G4JzDJ1Ckdl2YV23xwaWVWhBwDXUKCHxpRyTwO4lHdVn55Iu-M_skX7Fx7jHMtz3naO4hJs-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3v7_XTkID9SZOrn-HTnhR28xABcg%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1033714
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O83dRcyZI25oy1ObvsjUSsh9V0ekH3JjpLfGPHG8M8Iunz0UNX6DqPFBhKfBoQeQlsh9nSSNtMFS0x0GIZ9qoecq5pHJbxD9QOlOuiGd7QoKyfOdvx3XWYKTkSfg%2BKjjS7%2FJSRgdvnhRP8Zt"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999b61e313a6d-FRA
expires
Fri, 17 Mar 2023 02:35:01 GMT
cshow.php
www.awin1.com/ Frame EA63 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=50&e=&g=3fd3a9e393a89ccf7cfc346b485cc1e6%2F13706121768195100782&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101378&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gdmwkbp2zn0k1wpnbk3dxy7hw8vx5q3nx00a79f0w25fpky3e8bddm2dht5qbq2vew0za126z8jcrbazydrwxwmx55w0ka0cdz6mexmnfykambxeprqpj82krntj5x2v2m812vmhxzk97cttztv2xdwh51ft329rkavk7rntpz63drqqscs08m3cm0me4866c612adggdcmxsrckns5hdtzh7jpbmggqnvxhj54s75ksrhnz0xp0aj7nvh9bvrt6sx0redw3kwxhsddrz4fahdc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqRdFVIASZN6uItfkx_AP1u6-uAKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEhAJP0Ofdx4q8XBq5tJOnYvu7qF4_hkJEYKHfiPk5yQCVoNOY0YQZ2LZjk40MIoTZW9QcTgN0lVJ9Ynl5UEPEc8XPl2UN-kn0mKkHINdiG61ZFCuNEx2TOP1XL5GgmfM3AS0lylUlDYxLRkucklXuc2NzalwG7LpHqXx5pFmFaZqdYI9S1cVvc7mPRwQ41wTg0FGr2uXVxzmv4DMtwChOeM9Giq3IwajQ8jLOZ49Lcr1LxmwMwupkQDv6tx5d0lQK2B3TPScSJyyeIc-8bV6uv6G4JzDJ1Ckdl2YV23xwaWVWhBwDXUKCHxpRyTwO4lHdVn55Iu-M_skX7Fx7jHMtz3naO4hJs-AEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3v7_XTkID9SZOrn-HTnhR28xABcg%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.44.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-44-80.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:01 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 2F13 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=300&d=250&e=&g=25e6c7aeb1b44dbbf8c55b0596511241%2F2691818786668666848&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101377&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5gkp344grpf1az49ek8szpjtqymffqs7q44mc3bdg7shr3s98w09eh25ajbta2rj5bm3awpwxh63vzj6e8fp8y882rm3mf4py61h1fesdvqba6w1vsh1jpxb813pvanyka1nd0vwkm34xss9d00dhj2rsth217nzhj4pp5wc3d1nk03gpejbxz9r66ab7hwzq2wrf4d04nbgtgpxedfggytktscsy6zwj7cx769vhx5kj9grr1qt6hqtsbjbhk7j0e1jjc9argefpw8qgtbbbs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiEQdVIASZP_yLfHHgAeUp4-AC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_Q7gBQpO7JbEaAFZWRB0w-AEfP81mPmsCp4pOjHh1rQcP8rckbuVsDoLXI8iODWUE2TIpv8QxowbWYYgpCed8kHfWMG736AaY1Mdd3N15owzKRbkis_hU68GN8ol96m_otgE3NL8FAqRWCTcxNTsSMqhxB8c25r5G7Qh1qlyAmHvpjHNQi3lom2ZKWxHnQsjen57_3zlcaBTKnclM72K1yuvNgEeLEUMvTzKV558rbIZuwKsJgASfQhJYM7Sgc3Zf-dL7eGxMAar5jAGLV0e50v7-nRdOhgk7uj36k0q10ceUkiCgPL_R7bfl9sgBPmWR2gi94V3VYvieMmvlKX07Luxq_4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1EJRfbFprEuTn7cAn6LhfHQw5NlQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=117569%2C23576%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=300&d=250&e=&g=25e6c7aeb1b44dbbf8c55b0596511241%2F2691818786668666848&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101377&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5gkp344grpf1az49ek8szpjtqymffqs7q44mc3bdg7shr3s98w09eh25ajbta2rj5bm3awpwxh63vzj6e8fp8y882rm3mf4py61h1fesdvqba6w1vsh1jpxb813pvanyka1nd0vwkm34xss9d00dhj2rsth217nzhj4pp5wc3d1nk03gpejbxz9r66ab7hwzq2wrf4d04nbgtgpxedfggytktscsy6zwj7cx769vhx5kj9grr1qt6hqtsbjbhk7j0e1jjc9argefpw8qgtbbbs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiEQdVIASZP_yLfHHgAeUp4-AC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_Q7gBQpO7JbEaAFZWRB0w-AEfP81mPmsCp4pOjHh1rQcP8rckbuVsDoLXI8iODWUE2TIpv8QxowbWYYgpCed8kHfWMG736AaY1Mdd3N15owzKRbkis_hU68GN8ol96m_otgE3NL8FAqRWCTcxNTsSMqhxB8c25r5G7Qh1qlyAmHvpjHNQi3lom2ZKWxHnQsjen57_3zlcaBTKnclM72K1yuvNgEeLEUMvTzKV558rbIZuwKsJgASfQhJYM7Sgc3Zf-dL7eGxMAar5jAGLV0e50v7-nRdOhgk7uj36k0q10ceUkiCgPL_R7bfl9sgBPmWR2gi94V3VYvieMmvlKX07Luxq_4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1EJRfbFprEuTn7cAn6LhfHQw5NlQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1677666448
age
57689
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 10:28:06 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1677666486645030
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ERj%2B5U0cslw89nI5Tjz9lXQdfZcX9SBPXgkW1SiqqsYEk1nIfwhwuKR1hAW3XMxxlgv3Bd2hS8HKsPzY33o%2Bz%2BZhUPPJyWUjzOG2rxeT2HhjtYvgq9KMAHWFPXdT2gxnbFkCDrt0nQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7a8999b6188f9213-FRA
expires
Thu, 16 Mar 2023 03:35:01 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 2F13 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=300&d=250&e=&g=25e6c7aeb1b44dbbf8c55b0596511241%2F2691818786668666848&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101377&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5gkp344grpf1az49ek8szpjtqymffqs7q44mc3bdg7shr3s98w09eh25ajbta2rj5bm3awpwxh63vzj6e8fp8y882rm3mf4py61h1fesdvqba6w1vsh1jpxb813pvanyka1nd0vwkm34xss9d00dhj2rsth217nzhj4pp5wc3d1nk03gpejbxz9r66ab7hwzq2wrf4d04nbgtgpxedfggytktscsy6zwj7cx769vhx5kj9grr1qt6hqtsbjbhk7j0e1jjc9argefpw8qgtbbbs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiEQdVIASZP_yLfHHgAeUp4-AC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_Q7gBQpO7JbEaAFZWRB0w-AEfP81mPmsCp4pOjHh1rQcP8rckbuVsDoLXI8iODWUE2TIpv8QxowbWYYgpCed8kHfWMG736AaY1Mdd3N15owzKRbkis_hU68GN8ol96m_otgE3NL8FAqRWCTcxNTsSMqhxB8c25r5G7Qh1qlyAmHvpjHNQi3lom2ZKWxHnQsjen57_3zlcaBTKnclM72K1yuvNgEeLEUMvTzKV558rbIZuwKsJgASfQhJYM7Sgc3Zf-dL7eGxMAar5jAGLV0e50v7-nRdOhgk7uj36k0q10ceUkiCgPL_R7bfl9sgBPmWR2gi94V3VYvieMmvlKX07Luxq_4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1EJRfbFprEuTn7cAn6LhfHQw5NlQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1033717
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AieINU4RDuRGhtRPiHYZcauz5IwKn%2B%2BX6kqzACiEbZQrptpS%2BixPffZu6vixNBt98qHssp4gGkGu8w7oBouEycsTGYv2CJtgoLk2tXxKxK2o20jxgE8djy2zCXhfD3zxcytTVV1DbbP9wRre"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999b61e2f3a6d-FRA
expires
Fri, 17 Mar 2023 02:35:01 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 2F13 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=300&d=250&e=&g=25e6c7aeb1b44dbbf8c55b0596511241%2F2691818786668666848&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101377&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5gkp344grpf1az49ek8szpjtqymffqs7q44mc3bdg7shr3s98w09eh25ajbta2rj5bm3awpwxh63vzj6e8fp8y882rm3mf4py61h1fesdvqba6w1vsh1jpxb813pvanyka1nd0vwkm34xss9d00dhj2rsth217nzhj4pp5wc3d1nk03gpejbxz9r66ab7hwzq2wrf4d04nbgtgpxedfggytktscsy6zwj7cx769vhx5kj9grr1qt6hqtsbjbhk7j0e1jjc9argefpw8qgtbbbs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiEQdVIASZP_yLfHHgAeUp4-AC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_Q7gBQpO7JbEaAFZWRB0w-AEfP81mPmsCp4pOjHh1rQcP8rckbuVsDoLXI8iODWUE2TIpv8QxowbWYYgpCed8kHfWMG736AaY1Mdd3N15owzKRbkis_hU68GN8ol96m_otgE3NL8FAqRWCTcxNTsSMqhxB8c25r5G7Qh1qlyAmHvpjHNQi3lom2ZKWxHnQsjen57_3zlcaBTKnclM72K1yuvNgEeLEUMvTzKV558rbIZuwKsJgASfQhJYM7Sgc3Zf-dL7eGxMAar5jAGLV0e50v7-nRdOhgk7uj36k0q10ceUkiCgPL_R7bfl9sgBPmWR2gi94V3VYvieMmvlKX07Luxq_4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1EJRfbFprEuTn7cAn6LhfHQw5NlQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1033714
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DoVm8CLNxH%2BJ0IQSQ894rAaUYbNIfuHAoUbuuZKfL%2FCWQgg%2FbkmCJvlV3e8x1i2vCY9BWbIsV58tykJpBoqRGEoLEKDFIu4H3OiQFFlc%2BH20cgJxDwG%2FuH9fHvDqB0Evcb80mtqbstxFxl5q"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999b61e333a6d-FRA
expires
Fri, 17 Mar 2023 02:35:01 GMT
cshow.php
www.awin1.com/ Frame 2F13 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=300&d=250&e=&g=25e6c7aeb1b44dbbf8c55b0596511241%2F2691818786668666848&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101377&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5gkp344grpf1az49ek8szpjtqymffqs7q44mc3bdg7shr3s98w09eh25ajbta2rj5bm3awpwxh63vzj6e8fp8y882rm3mf4py61h1fesdvqba6w1vsh1jpxb813pvanyka1nd0vwkm34xss9d00dhj2rsth217nzhj4pp5wc3d1nk03gpejbxz9r66ab7hwzq2wrf4d04nbgtgpxedfggytktscsy6zwj7cx769vhx5kj9grr1qt6hqtsbjbhk7j0e1jjc9argefpw8qgtbbbs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiEQdVIASZP_yLfHHgAeUp4-AC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_Q7gBQpO7JbEaAFZWRB0w-AEfP81mPmsCp4pOjHh1rQcP8rckbuVsDoLXI8iODWUE2TIpv8QxowbWYYgpCed8kHfWMG736AaY1Mdd3N15owzKRbkis_hU68GN8ol96m_otgE3NL8FAqRWCTcxNTsSMqhxB8c25r5G7Qh1qlyAmHvpjHNQi3lom2ZKWxHnQsjen57_3zlcaBTKnclM72K1yuvNgEeLEUMvTzKV558rbIZuwKsJgASfQhJYM7Sgc3Zf-dL7eGxMAar5jAGLV0e50v7-nRdOhgk7uj36k0q10ceUkiCgPL_R7bfl9sgBPmWR2gi94V3VYvieMmvlKX07Luxq_4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1EJRfbFprEuTn7cAn6LhfHQw5NlQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.44.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-44-80.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:01 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 2F13 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=300&d=250&e=&g=25e6c7aeb1b44dbbf8c55b0596511241%2F2691818786668666848&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101377&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5gkp344grpf1az49ek8szpjtqymffqs7q44mc3bdg7shr3s98w09eh25ajbta2rj5bm3awpwxh63vzj6e8fp8y882rm3mf4py61h1fesdvqba6w1vsh1jpxb813pvanyka1nd0vwkm34xss9d00dhj2rsth217nzhj4pp5wc3d1nk03gpejbxz9r66ab7hwzq2wrf4d04nbgtgpxedfggytktscsy6zwj7cx769vhx5kj9grr1qt6hqtsbjbhk7j0e1jjc9argefpw8qgtbbbs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiEQdVIASZP_yLfHHgAeUp4-AC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_Q7gBQpO7JbEaAFZWRB0w-AEfP81mPmsCp4pOjHh1rQcP8rckbuVsDoLXI8iODWUE2TIpv8QxowbWYYgpCed8kHfWMG736AaY1Mdd3N15owzKRbkis_hU68GN8ol96m_otgE3NL8FAqRWCTcxNTsSMqhxB8c25r5G7Qh1qlyAmHvpjHNQi3lom2ZKWxHnQsjen57_3zlcaBTKnclM72K1yuvNgEeLEUMvTzKV558rbIZuwKsJgASfQhJYM7Sgc3Zf-dL7eGxMAar5jAGLV0e50v7-nRdOhgk7uj36k0q10ceUkiCgPL_R7bfl9sgBPmWR2gi94V3VYvieMmvlKX07Luxq_4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1EJRfbFprEuTn7cAn6LhfHQw5NlQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1033784
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQko7i%2Bbsx5EF4TCvHl9H%2Bqd1I9mlSdVukIWkacvbfLa6S9AISq8EV6bvO2h6tvOIjlWL2o0Z1%2FoUcMZmcJTGaa85wZDJTkqNI4dyktuazfDQtkjvpvBLujkca2xgSOSzofxu8UMFbm77D%2Fi"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999b62e343a6d-FRA
expires
Fri, 17 Mar 2023 02:35:01 GMT
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 2F13 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=300&d=250&e=&g=25e6c7aeb1b44dbbf8c55b0596511241%2F2691818786668666848&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101377&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5gkp344grpf1az49ek8szpjtqymffqs7q44mc3bdg7shr3s98w09eh25ajbta2rj5bm3awpwxh63vzj6e8fp8y882rm3mf4py61h1fesdvqba6w1vsh1jpxb813pvanyka1nd0vwkm34xss9d00dhj2rsth217nzhj4pp5wc3d1nk03gpejbxz9r66ab7hwzq2wrf4d04nbgtgpxedfggytktscsy6zwj7cx769vhx5kj9grr1qt6hqtsbjbhk7j0e1jjc9argefpw8qgtbbbs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiEQdVIASZP_yLfHHgAeUp4-AC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_Q7gBQpO7JbEaAFZWRB0w-AEfP81mPmsCp4pOjHh1rQcP8rckbuVsDoLXI8iODWUE2TIpv8QxowbWYYgpCed8kHfWMG736AaY1Mdd3N15owzKRbkis_hU68GN8ol96m_otgE3NL8FAqRWCTcxNTsSMqhxB8c25r5G7Qh1qlyAmHvpjHNQi3lom2ZKWxHnQsjen57_3zlcaBTKnclM72K1yuvNgEeLEUMvTzKV558rbIZuwKsJgASfQhJYM7Sgc3Zf-dL7eGxMAar5jAGLV0e50v7-nRdOhgk7uj36k0q10ceUkiCgPL_R7bfl9sgBPmWR2gi94V3VYvieMmvlKX07Luxq_4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1EJRfbFprEuTn7cAn6LhfHQw5NlQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1033718
cf-polished
qual=85, origFmt=jpeg, origSize=132437
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23154
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Dec 2021 17:51:23 GMT
server
cloudflare
etag
"c348b177953ac5720836c04e1a21673d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gum8ixfE3rYOB2sN75w4IkKQMYBQe5wnSoQDRnNM5ewOvCRkKqA7FJjYWcOvbud7Rz6gPl8APSuPrvw8Ol5iVb6WquYjooBcRUwr%2FhcrbpfnCh13QcguC6TZHBjAdxifO28yK9FVfRGXjfHJ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999b62e353a6d-FRA
expires
Fri, 17 Mar 2023 02:35:01 GMT
/
partner.o2online.de/a/ Frame 2F13
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNXk4PW03_0CFXmDgwcdVK8COA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023031603350182889743761X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023031603350182889743761X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023031603350182889743761X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=300&d=250&e=&g=25e6c7aeb1b44dbbf8c55b0596511241%2F2691818786668666848&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101377&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5gkp344grpf1az49ek8szpjtqymffqs7q44mc3bdg7shr3s98w09eh25ajbta2rj5bm3awpwxh63vzj6e8fp8y882rm3mf4py61h1fesdvqba6w1vsh1jpxb813pvanyka1nd0vwkm34xss9d00dhj2rsth217nzhj4pp5wc3d1nk03gpejbxz9r66ab7hwzq2wrf4d04nbgtgpxedfggytktscsy6zwj7cx769vhx5kj9grr1qt6hqtsbjbhk7j0e1jjc9argefpw8qgtbbbs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiEQdVIASZP_yLfHHgAeUp4-AC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_Q7gBQpO7JbEaAFZWRB0w-AEfP81mPmsCp4pOjHh1rQcP8rckbuVsDoLXI8iODWUE2TIpv8QxowbWYYgpCed8kHfWMG736AaY1Mdd3N15owzKRbkis_hU68GN8ol96m_otgE3NL8FAqRWCTcxNTsSMqhxB8c25r5G7Qh1qlyAmHvpjHNQi3lom2ZKWxHnQsjen57_3zlcaBTKnclM72K1yuvNgEeLEUMvTzKV558rbIZuwKsJgASfQhJYM7Sgc3Zf-dL7eGxMAar5jAGLV0e50v7-nRdOhgk7uj36k0q10ceUkiCgPL_R7bfl9sgBPmWR2gi94V3VYvieMmvlKX07Luxq_4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1EJRfbFprEuTn7cAn6LhfHQw5NlQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 16 Mar 2023 02:35:01 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023031603350182889743761X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023031603350182889743761X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218
date
Thu, 16 Mar 2023 02:35:01 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 2F13 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=300&d=250&e=&g=25e6c7aeb1b44dbbf8c55b0596511241%2F2691818786668666848&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101377&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5gkp344grpf1az49ek8szpjtqymffqs7q44mc3bdg7shr3s98w09eh25ajbta2rj5bm3awpwxh63vzj6e8fp8y882rm3mf4py61h1fesdvqba6w1vsh1jpxb813pvanyka1nd0vwkm34xss9d00dhj2rsth217nzhj4pp5wc3d1nk03gpejbxz9r66ab7hwzq2wrf4d04nbgtgpxedfggytktscsy6zwj7cx769vhx5kj9grr1qt6hqtsbjbhk7j0e1jjc9argefpw8qgtbbbs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiEQdVIASZP_yLfHHgAeUp4-AC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_Q7gBQpO7JbEaAFZWRB0w-AEfP81mPmsCp4pOjHh1rQcP8rckbuVsDoLXI8iODWUE2TIpv8QxowbWYYgpCed8kHfWMG736AaY1Mdd3N15owzKRbkis_hU68GN8ol96m_otgE3NL8FAqRWCTcxNTsSMqhxB8c25r5G7Qh1qlyAmHvpjHNQi3lom2ZKWxHnQsjen57_3zlcaBTKnclM72K1yuvNgEeLEUMvTzKV558rbIZuwKsJgASfQhJYM7Sgc3Zf-dL7eGxMAar5jAGLV0e50v7-nRdOhgk7uj36k0q10ceUkiCgPL_R7bfl9sgBPmWR2gi94V3VYvieMmvlKX07Luxq_4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1EJRfbFprEuTn7cAn6LhfHQw5NlQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1033787
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJva7XGqE4TKdnD8O2jnaMQ3ik1oDoTUZPJ01QZ4ZuPZnVjteJHT5Reiwmytrv5WS8rQSThk4x%2FLFCJpGsA%2FZaxrWwjSmQs0%2BGOVWBZ4RqmHF0dPqHMwuZ6n2%2FHsB0pkDjxeRi4oT4Gy%2Bo5A"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999b62e363a6d-FRA
expires
Fri, 17 Mar 2023 02:35:01 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 2F13 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=300&d=250&e=&g=25e6c7aeb1b44dbbf8c55b0596511241%2F2691818786668666848&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101377&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5gkp344grpf1az49ek8szpjtqymffqs7q44mc3bdg7shr3s98w09eh25ajbta2rj5bm3awpwxh63vzj6e8fp8y882rm3mf4py61h1fesdvqba6w1vsh1jpxb813pvanyka1nd0vwkm34xss9d00dhj2rsth217nzhj4pp5wc3d1nk03gpejbxz9r66ab7hwzq2wrf4d04nbgtgpxedfggytktscsy6zwj7cx769vhx5kj9grr1qt6hqtsbjbhk7j0e1jjc9argefpw8qgtbbbs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiEQdVIASZP_yLfHHgAeUp4-AC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_Q7gBQpO7JbEaAFZWRB0w-AEfP81mPmsCp4pOjHh1rQcP8rckbuVsDoLXI8iODWUE2TIpv8QxowbWYYgpCed8kHfWMG736AaY1Mdd3N15owzKRbkis_hU68GN8ol96m_otgE3NL8FAqRWCTcxNTsSMqhxB8c25r5G7Qh1qlyAmHvpjHNQi3lom2ZKWxHnQsjen57_3zlcaBTKnclM72K1yuvNgEeLEUMvTzKV558rbIZuwKsJgASfQhJYM7Sgc3Zf-dL7eGxMAar5jAGLV0e50v7-nRdOhgk7uj36k0q10ceUkiCgPL_R7bfl9sgBPmWR2gi94V3VYvieMmvlKX07Luxq_4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1EJRfbFprEuTn7cAn6LhfHQw5NlQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1033787
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226916
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2q%2BNm4axU09WPDgfLNZQD5240riKc8shaZhHDY0XZaPV1WP2JXDaodqwlNToYny5xw3d7yTZ9pY1Lonekw8JbPMAoDhQBFo9hEQmd7IgFMIm8p3t%2BGQLe%2FgsPq99aT5roEbP5v1OjvuALb%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999b62e373a6d-FRA
expires
Fri, 17 Mar 2023 02:35:01 GMT
ztpv.php
www.conrad.de/ Frame 2F13
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470172&v=11354&q=377133&r=412871&pv=1&pref3=oneidmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1678934101_26b783c0-c3a3-11ed-b09e-2262db7920ac&insert=AW&&gdpr=0&gdpr_consent=
0
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1678934101_26b783c0-c3a3-11ed-b09e-2262db7920ac&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C188429&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW&c=300&d=250&e=&g=25e6c7aeb1b44dbbf8c55b0596511241%2F2691818786668666848&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101377&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5gkp344grpf1az49ek8szpjtqymffqs7q44mc3bdg7shr3s98w09eh25ajbta2rj5bm3awpwxh63vzj6e8fp8y882rm3mf4py61h1fesdvqba6w1vsh1jpxb813pvanyka1nd0vwkm34xss9d00dhj2rsth217nzhj4pp5wc3d1nk03gpejbxz9r66ab7hwzq2wrf4d04nbgtgpxedfggytktscsy6zwj7cx769vhx5kj9grr1qt6hqtsbjbhk7j0e1jjc9argefpw8qgtbbbs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiEQdVIASZP_yLfHHgAeUp4-AC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_Q7gBQpO7JbEaAFZWRB0w-AEfP81mPmsCp4pOjHh1rQcP8rckbuVsDoLXI8iODWUE2TIpv8QxowbWYYgpCed8kHfWMG736AaY1Mdd3N15owzKRbkis_hU68GN8ol96m_otgE3NL8FAqRWCTcxNTsSMqhxB8c25r5G7Qh1qlyAmHvpjHNQi3lom2ZKWxHnQsjen57_3zlcaBTKnclM72K1yuvNgEeLEUMvTzKV558rbIZuwKsJgASfQhJYM7Sgc3Zf-dL7eGxMAar5jAGLV0e50v7-nRdOhgk7uj36k0q10ceUkiCgPL_R7bfl9sgBPmWR2gi94V3VYvieMmvlKX07Luxq_4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1EJRfbFprEuTn7cAn6LhfHQw5NlQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
cache-control
no-cache
cf-ray
7a8999b6dd8bbbef-FRA
content-length
0
expires
-1

Redirect headers

Date
Thu, 16 Mar 2023 02:35:01 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1678934101_26b783c0-c3a3-11ed-b09e-2262db7920ac&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame D90A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cw7wFVIASZPm9OIrQgAeQqK2oA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgT9AU_QAd2LJOOOnqgkFMSbiMaukxvt8ZPXCDXdilCKZ9AAFAfxolbWpuWJrB8Ic67iSMW8ztUC_TebhLRp6SVIMr92MusQfdQ8q8YG8BPKw595FA08thWJLoYK1A0zVKJFlgKxuFgZ3R61gYXlb3J7h_hmKst4-vPuW42PuiRMFr0hRrHx1ZDIa6MUNjWTQWwp-yAPu51ab46Ezd93h1VcbuTZYgIGnmbxOiCvcTY9JysZZ34obeXJvpeh1oOctauNsu5H9MO9vgX2HCq5e4SH8Xym342nzlJ7uWaMiQ0-sSHD8hNogIH_1yIugSP9v-uakzTJ8_-k1RHSN-hZ1hrgBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ2NjM3NTM0Njc5OTk1OTQYh7AO&sigh=izPgWfHKE2U&uach_m=[UACH]&cid=CAQSPADUE5ymV6dETwQ_5695hqR-8J73y3OsdjV5CrzE5RWDNNBsza8xmK5Xiqx8MihQFfEDGpKpfBf38EL6xBgB
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame D90A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1j9pw2sbxskkbvq808rxha6az3ahexmfsa5f8jk6gykh0s88qppzkx9t6g39eef00040wg0negx6n72kast8mj1r0gjyww9bvgj2jfvhqrn8wy7r19f4n5m0fftf7fv6k76cdp5mss35vbpsv65qcvgnyhr9023am3pg484pp8t60gne9y2vz837j2gz5xhxembr9p8kq94hmvq00z3e1pcxkkzhf2j720zm5zna27a8dd548bx73xg3tg4en2q228d532z3scfewwg3rthv77q0keydre10h5fhgp9g4dez9eqnyedq681vsjqjr2ce6fsajg20xatxevr8ygc0e2qb45wz2g3yb7pn7v4yjrw5ka6389wcjxhpn3kk81vcxgm47pvb9ytke28&b=ZBKAVAAOHvkK4CgKAAtUEDJex4VmeHkafXu_OQ
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Mar 2023 02:35:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame B0E1 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kxqbwg7fy21nh3cxc9a5nmavj3rejmtb9r3gwpvxgdwq3pxdkgc7n2vdjqxsf07bnjph0h8cr1davdsks0kmne40akf5w95s867bhznzcm2ezr8myx1yxf9sw3kk3xdr5yj6arrv4bdr9ax4spsfgk61bx07s0gcy6j58beq94x5ebvbz9xcb70sgxjac2dfz9a9dw5w4gevfvhf5qjv1ntkatdvv6ttr2j5j6jb8hzvh1s1q68n9gxqdjr94rcpp9jjb4q640vqbexqq57n62y70q60ves1pesavrs28qpqxr0pv8tw0treqegttbq1ycfbjh9heymhttjk2hbnrgr6cvbd1mwq6kcv1m1yar5w0ka7r2t1t5nc62t6n7a0trs0bskkv092nydr5gwgn37jy4djyer6xbwh3z01y1b5hd09gvmvtze3ydk8hepc4p7pj1e&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_Cj5VIASZPm9OIrQgAeQqK2oA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_QAd2LJOOOnqgkFMSbiMaukxvt8ZPXCDXdilCKZ9AAFAfxolbWpuWJrB8Ic67iSMW8ztUC_TebhLRp6SVIMr92MusQfdQ8q8YG8BPKw595FA08thWJLoYK1A0zVKJFlgKxuFgZ3R61gYXlb3J7h_hmKst4-vPuW42PuiRMFr0hRrHx1ZDIa6MUNjWTQWwp-yAPu51ab46Ezd93h1VcbuTZYgIGnmbxOiCvcTY9JysZZ34obeXJvpeh1oOctauNsu5H9MO9vgX2HCq5e4SH8Xym342nzlJ7-2StG9rHNmELdVv-WshtJRs6i473kfNHE_aAYQcwyz3K4jTGltKYxFXgBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1-0bIM517TruYWEzUEr2gX30cMFg%26client%3Dca-pub-4663753467999594%26adurl%3D
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1684a43a0a3c5b12b78fe86419fc262b1c950d45bab5009758b1273eb5c60986
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a8999b6389a9213-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:35:01 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame D90A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 22:31:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
14631
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Mar 2023 22:31:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9EFA 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51100
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Mar 2023 12:23:21 GMT
etag
48472445140208031
expires
Thu, 16 Mar 2023 12:23:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame D90A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9161954861bb1fd7d5044d99f9ce04137b3836979ce8c5c75d224642f57c3f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 18:10:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
30269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8559
x-xss-protection
0
server
cafe
etag
11326455550778179109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Mar 2023 18:10:32 GMT
l
www.google.com/ads/measurement/ Frame D90A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRhVg48oHJ8gEx6MzGIbumm4S0clJvUD0j_qENAncz_nQERQoq177IA6pWNGgptd8iWwK67DoillDAbG9SD6xXXQ2xYKQ
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D90A 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 10:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
575012
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 08 Mar 2024 10:51:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D90A 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Mar 2023 02:35:01 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0E13 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRe2lSfzn6gKbfX88JbysqD1luTMgmeT41FTIJ8IDv8qUeoX-VMbM-eHSt8gfwae4AVmo6Q5N5fFjPZc8hwJwks1k&sig=Cg0ArKJSzG6BSEasItd0EAE&id=lidar2&mcvt=1005&p=164,315,254,1285&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20230315&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1010576609&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678934100313&rpt=156&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame B0E1 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kxqbwg7fy21nh3cxc9a5nmavj3rejmtb9r3gwpvxgdwq3pxdkgc7n2vdjqxsf07bnjph0h8cr1davdsks0kmne40akf5w95s867bhznzcm2ezr8myx1yxf9sw3kk3xdr5yj6arrv4bdr9ax4spsfgk61bx07s0gcy6j58beq94x5ebvbz9xcb70sgxjac2dfz9a9dw5w4gevfvhf5qjv1ntkatdvv6ttr2j5j6jb8hzvh1s1q68n9gxqdjr94rcpp9jjb4q640vqbexqq57n62y70q60ves1pesavrs28qpqxr0pv8tw0treqegttbq1ycfbjh9heymhttjk2hbnrgr6cvbd1mwq6kcv1m1yar5w0ka7r2t1t5nc62t6n7a0trs0bskkv092nydr5gwgn37jy4djyer6xbwh3z01y1b5hd09gvmvtze3ydk8hepc4p7pj1e&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_Cj5VIASZPm9OIrQgAeQqK2oA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_QAd2LJOOOnqgkFMSbiMaukxvt8ZPXCDXdilCKZ9AAFAfxolbWpuWJrB8Ic67iSMW8ztUC_TebhLRp6SVIMr92MusQfdQ8q8YG8BPKw595FA08thWJLoYK1A0zVKJFlgKxuFgZ3R61gYXlb3J7h_hmKst4-vPuW42PuiRMFr0hRrHx1ZDIa6MUNjWTQWwp-yAPu51ab46Ezd93h1VcbuTZYgIGnmbxOiCvcTY9JysZZ34obeXJvpeh1oOctauNsu5H9MO9vgX2HCq5e4SH8Xym342nzlJ7-2StG9rHNmELdVv-WshtJRs6i473kfNHE_aAYQcwyz3K4jTGltKYxFXgBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1-0bIM517TruYWEzUEr2gX30cMFg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kxqbwg7fy21nh3cxc9a5nmavj3rejmtb9r3gwpvxgdwq3pxdkgc7n2vdjqxsf07bnjph0h8cr1davdsks0kmne40akf5w95s867bhznzcm2ezr8myx1yxf9sw3kk3xdr5yj6arrv4bdr9ax4spsfgk61bx07s0gcy6j58beq94x5ebvbz9xcb70sgxjac2dfz9a9dw5w4gevfvhf5qjv1ntkatdvv6ttr2j5j6jb8hzvh1s1q68n9gxqdjr94rcpp9jjb4q640vqbexqq57n62y70q60ves1pesavrs28qpqxr0pv8tw0treqegttbq1ycfbjh9heymhttjk2hbnrgr6cvbd1mwq6kcv1m1yar5w0ka7r2t1t5nc62t6n7a0trs0bskkv092nydr5gwgn37jy4djyer6xbwh3z01y1b5hd09gvmvtze3ydk8hepc4p7pj1e&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_Cj5VIASZPm9OIrQgAeQqK2oA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_QAd2LJOOOnqgkFMSbiMaukxvt8ZPXCDXdilCKZ9AAFAfxolbWpuWJrB8Ic67iSMW8ztUC_TebhLRp6SVIMr92MusQfdQ8q8YG8BPKw595FA08thWJLoYK1A0zVKJFlgKxuFgZ3R61gYXlb3J7h_hmKst4-vPuW42PuiRMFr0hRrHx1ZDIa6MUNjWTQWwp-yAPu51ab46Ezd93h1VcbuTZYgIGnmbxOiCvcTY9JysZZ34obeXJvpeh1oOctauNsu5H9MO9vgX2HCq5e4SH8Xym342nzlJ7-2StG9rHNmELdVv-WshtJRs6i473kfNHE_aAYQcwyz3K4jTGltKYxFXgBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1-0bIM517TruYWEzUEr2gX30cMFg%26client%3Dca-pub-4663753467999594%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1677666448
age
57689
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 10:28:06 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1677666486645030
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgqhTxPswF82STMgOyFINeCL0Hj2%2F6AhxmyWnb8eUcWv6XMkTFVYTtFtfLeMFO45jos9W9MoHBz3KfQxl2%2FN47FBlcLuKaUs3JkTX8%2FWCfQqUqgfZ29WNM3uHRGOdObMbHIWRHJ48Do%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7a8999b678be9213-FRA
expires
Thu, 16 Mar 2023 03:35:01 GMT
r62eglto.js
ad4m.at/ Frame B0E1 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kxqbwg7fy21nh3cxc9a5nmavj3rejmtb9r3gwpvxgdwq3pxdkgc7n2vdjqxsf07bnjph0h8cr1davdsks0kmne40akf5w95s867bhznzcm2ezr8myx1yxf9sw3kk3xdr5yj6arrv4bdr9ax4spsfgk61bx07s0gcy6j58beq94x5ebvbz9xcb70sgxjac2dfz9a9dw5w4gevfvhf5qjv1ntkatdvv6ttr2j5j6jb8hzvh1s1q68n9gxqdjr94rcpp9jjb4q640vqbexqq57n62y70q60ves1pesavrs28qpqxr0pv8tw0treqegttbq1ycfbjh9heymhttjk2hbnrgr6cvbd1mwq6kcv1m1yar5w0ka7r2t1t5nc62t6n7a0trs0bskkv092nydr5gwgn37jy4djyer6xbwh3z01y1b5hd09gvmvtze3ydk8hepc4p7pj1e&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_Cj5VIASZPm9OIrQgAeQqK2oA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_QAd2LJOOOnqgkFMSbiMaukxvt8ZPXCDXdilCKZ9AAFAfxolbWpuWJrB8Ic67iSMW8ztUC_TebhLRp6SVIMr92MusQfdQ8q8YG8BPKw595FA08thWJLoYK1A0zVKJFlgKxuFgZ3R61gYXlb3J7h_hmKst4-vPuW42PuiRMFr0hRrHx1ZDIa6MUNjWTQWwp-yAPu51ab46Ezd93h1VcbuTZYgIGnmbxOiCvcTY9JysZZ34obeXJvpeh1oOctauNsu5H9MO9vgX2HCq5e4SH8Xym342nzlJ7-2StG9rHNmELdVv-WshtJRs6i473kfNHE_aAYQcwyz3K4jTGltKYxFXgBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1-0bIM517TruYWEzUEr2gX30cMFg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
132564
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJdvfg%2FjhLPpzfAXzqku%2FzVJ3BXkXxHVIcPIzj3JWf6Bpdt2wktfi9YeTD2QaVKjheGEv09N5uFRRcdd39x8pSZJU5Q9u0CGK9qHV%2FV%2B0itjNswYTR%2BeTAtZYZqnfmfKfrwXj50%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7a8999b678bf9213-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 14 Mar 2023 13:45:37 GMT
truncated
/ Frame D90A 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3ca383bfd0311461fda7e11a505cbf41d2797e9ad047b235755e20aabcf005f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 9EFA
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHnAlwFbwPscqDSlEey-JjY&google_cver=1&google_push=Aa02lx-0gzZCnHEgcXYEwKGec1XvgVm-nfz70FhQjOgtJxJtnT6KJeSUKm...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx-0gzZCnHEgcXYEwKGec1XvgVm-nfz70FhQjOgtJxJtnT6KJeSUKmgNL-qwD2r2Je7kV5WTZYeiGU6TWm6DQ58AJTXPKFzPbq8&google_hm=RRHcez6TA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx-0gzZCnHEgcXYEwKGec1XvgVm-nfz70FhQjOgtJxJtnT6KJeSUKmgNL-qwD2r2Je7kV5WTZYeiGU6TWm6DQ58AJTXPKFzPbq8&google_hm=RRHcez6TAyIA49RpZJ4gmQ
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx-0gzZCnHEgcXYEwKGec1XvgVm-nfz70FhQjOgtJxJtnT6KJeSUKmgNL-qwD2r2Je7kV5WTZYeiGU6TWm6DQ58AJTXPKFzPbq8&google_hm=RRHcez6TAyIA49RpZJ4gmQ
pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9EFA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGJz2ZP4hDra7fQVXz9YQlU&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGJz2ZP4hDra7fQVXz9YQlU&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Mko3MkpmTWYxUENEc2g1&google_gid=CAESEGJz2ZP4hDra7fQVXz9YQlU&google_cver=1&google_push=Aa02lx-_lGXRCS0K5OEtujV6bAMytFjciBAI95in3QuZE7i...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Mko3MkpmTWYxUENEc2g1&google_gid=CAESEGJz2ZP4hDra7fQVXz9YQlU&google_cver=1&google_push=Aa02lx-_lGXRCS0K5OEtujV6bAMytFjciBAI95in3QuZE7iNa8BLf09JN9xe06h_0F7e7IKxHSgEsLfAjWBBnH0Ee5OrVACxuUo8t-0
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:01 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-770-gc22eae1#rel-ec2-master i-00f451e3e988a04b8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Mko3MkpmTWYxUENEc2g1&google_gid=CAESEGJz2ZP4hDra7fQVXz9YQlU&google_cver=1&google_push=Aa02lx-_lGXRCS0K5OEtujV6bAMytFjciBAI95in3QuZE7iNa8BLf09JN9xe06h_0F7e7IKxHSgEsLfAjWBBnH0Ee5OrVACxuUo8t-0
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 9EFA
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIKf4UeoEEaGBKi9rDbdr_8&google_cver=1&google_push=Aa02lx_Z2Dfb_B2dRuIoCBlHEa6Cc6tpXel6ut2CTwoHssKFwr9OH7_9WOp9i3RwsPL-1GHBUlgH0W3OorbDx1lPKP8lQBEGpwXDZ...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIKf4UeoEEaGBKi9rDbdr_8&google_cver=1&google_push=Aa02lx_Z2Dfb_B2dRuIoCBlHEa6Cc6tpXel6ut2CTwoHssKFwr9OH7_9WOp9i3RwsPL-1GHBUlgH0W3OorbDx1lPKP8lQBEGpwX...
43 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIKf4UeoEEaGBKi9rDbdr_8&google_cver=1&google_push=Aa02lx_Z2Dfb_B2dRuIoCBlHEa6Cc6tpXel6ut2CTwoHssKFwr9OH7_9WOp9i3RwsPL-1GHBUlgH0W3OorbDx1lPKP8lQBEGpwXDZLI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_Z2Dfb_B2dRuIoCBlHEa6Cc6tpXel6ut2CTwoHssKFwr9OH7_9WOp9i3RwsPL-1GHBUlgH0W3OorbDx1lPKP8lQBEGpwXDZLI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a8999b83ac09010-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
248
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIKf4UeoEEaGBKi9rDbdr_8&google_cver=1&google_push=Aa02lx_Z2Dfb_B2dRuIoCBlHEa6Cc6tpXel6ut2CTwoHssKFwr9OH7_9WOp9i3RwsPL-1GHBUlgH0W3OorbDx1lPKP8lQBEGpwXDZLI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_Z2Dfb_B2dRuIoCBlHEa6Cc6tpXel6ut2CTwoHssKFwr9OH7_9WOp9i3RwsPL-1GHBUlgH0W3OorbDx1lPKP8lQBEGpwXDZLI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a8999b6ea129010-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9EFA
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJYD5oMKmYZjtcNEMl-Bafs&google_cver=1&google_push=Aa02lx8jovZP24DgUITsZR4G1N0OH8GrpZh2BDj0MJDxd-oFQZxhOFWfe8asVx2uALxGSLhwQhT_uVUv0no1_V...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMDk2NzA1NTk0MzU5NjE4NQ%3D%3D&google_push=Aa02lx8jovZP24DgUITsZR4G1N0OH8GrpZh2BDj0MJDxd-oFQZxhOFWfe8asVx2uALxGSLhwQhT_uVUv0no1_V2sXb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMDk2NzA1NTk0MzU5NjE4NQ%3D%3D&google_push=Aa02lx8jovZP24DgUITsZR4G1N0OH8GrpZh2BDj0MJDxd-oFQZxhOFWfe8asVx2uALxGSLhwQhT_uVUv0no1_V2sXbwwNacXBXbJbiU
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMDk2NzA1NTk0MzU5NjE4NQ%3D%3D&google_push=Aa02lx8jovZP24DgUITsZR4G1N0OH8GrpZh2BDj0MJDxd-oFQZxhOFWfe8asVx2uALxGSLhwQhT_uVUv0no1_V2sXbwwNacXBXbJbiU
Date
Thu, 16 Mar 2023 02:35:01 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 9EFA
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESECQKQjopYjV42ZBOntoa2Hg&google_cver=1&google_push=Aa02lx8dGwwJ4NXWoJT3oqPjgCtiCsbLEY6A3a60_6fBME7JYCf7VrEJcug0VrAcMfHWHL11Icnh-EY52AiWWZQJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GAgVF0hATGSnbxIhnH0jiA2&google_push=Aa02lx8dGwwJ4NXWoJT3oqPjgCtiCsbLEY6A3a60_6fBME7JYCf7VrEJcug0VrAcMfHWHL11Icnh-EY52AiWWZQJOFsDPqjAtutxJd4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GAgVF0hATGSnbxIhnH0jiA2&google_push=Aa02lx8dGwwJ4NXWoJT3oqPjgCtiCsbLEY6A3a60_6fBME7JYCf7VrEJcug0VrAcMfHWHL11Icnh-EY52AiWWZQJOFsDPqjAtutxJd4
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 16 Mar 2023 02:35:01 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GAgVF0hATGSnbxIhnH0jiA2&google_push=Aa02lx8dGwwJ4NXWoJT3oqPjgCtiCsbLEY6A3a60_6fBME7JYCf7VrEJcug0VrAcMfHWHL11Icnh-EY52AiWWZQJOFsDPqjAtutxJd4
x-host
tde-deliveryengine-production-86c874c4d8-klw8l
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9EFA
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIIXgMGdvZRaYTyd4cB0XqY&google_cver=1&google_push=Aa02lx-AhaLTGP8RvWlI8w3Xa9bnI6_bvLPvBiCpNROiBYGijDWG5vBRKCxTqXh6gCRrn1P7NMLS39As5qnKyev4tAmpgpghg-...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NDIyMzk1MzA2MzIxMzE4Mjc5&google_push=Aa02lx-AhaLTGP8RvWlI8w3Xa9bnI6_bvLPvBiCpNROiBYGijDWG5vBRKCxTqXh6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NDIyMzk1MzA2MzIxMzE4Mjc5&google_push=Aa02lx-AhaLTGP8RvWlI8w3Xa9bnI6_bvLPvBiCpNROiBYGijDWG5vBRKCxTqXh6gCRrn1P7NMLS39As5qnKyev4tAmpgpghg-luhw
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NDIyMzk1MzA2MzIxMzE4Mjc5&google_push=Aa02lx-AhaLTGP8RvWlI8w3Xa9bnI6_bvLPvBiCpNROiBYGijDWG5vBRKCxTqXh6gCRrn1P7NMLS39As5qnKyev4tAmpgpghg-luhw
date
Thu, 16 Mar 2023 02:35:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/match/ Frame 9EFA
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGbmMbRQ28tNFNl55D_HTGM&google_cver=1&google_push=Aa02lx9ZQ_HT7-z48pn2EGAgjjVBW1Ui8cvTYL5u56dSnUTIii9K8eIqBOM1HHzsqnfM6FyHQiCgYhJjwIh...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9ZQ_HT7-z48pn2EGAgjjVBW1Ui8cvTYL5u56dSnUTIii9K8eIqBOM1HHzsqnfM6FyHQiCgYhJjwIh-lwWjrF70jIS8d44Tgz7U
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 9EFA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JLN-q7gV_FL_Y1A5VdaR3K0YNw6do0zg-6aS9v_U8qGpu4o2bgF975C9iCtMc9rAmnzKnJBQ
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sync
app.retargetly.com/ Frame A8BB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=retargetly_ddp&google_hm=OTI1ZDMyZTItZjViMi00MTk0LTk3OGYtMGExMDgxZGI0ZWUx&google_cm
  • https://app.retargetly.com/sync?pid=11&google_gid=CAESEPytLPQPPCWE_mW5ksAlaDM&google_cver=1
68 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?pid=11&google_gid=CAESEPytLPQPPCWE_mW5ksAlaDM&google_cver=1
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa%C3%A7%C3%A3o%20e%20interesse%20geral%20do%20Brasil&mk=&il=0&limit_drop=&userid=925d32e2-f5b2-4194-978f-0a1081db4ee1&idx=&fullVersionList=&platform=&_rlid=925d32e2-f5b2-4194-978f-0a1081db4ee1
Protocol
H2
Server
2606:4700:10::6816:118d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
7a8999b76c7a9a0f-FRA
expires
0

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://app.retargetly.com/sync?pid=11&google_gid=CAESEPytLPQPPCWE_mW5ksAlaDM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/ Frame A8BB 		43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=712808&adu=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%7Bmuidn%7D%26pid%3D70
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa%C3%A7%C3%A3o%20e%20interesse%20geral%20do%20Brasil&mk=&il=0&limit_drop=&userid=925d32e2-f5b2-4194-978f-0a1081db4ee1&idx=&fullVersionList=&platform=&_rlid=925d32e2-f5b2-4194-978f-0a1081db4ee1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
7a8999b74c1439e8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
js
pixel.mathtag.com/sync/ Frame A8BB 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/js?mt_lim=12&sync=auto&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa%C3%A7%C3%A3o%20e%20interesse%20geral%20do%20Brasil&mk=&il=0&limit_drop=&userid=925d32e2-f5b2-4194-978f-0a1081db4ee1&idx=&fullVersionList=&platform=&_rlid=925d32e2-f5b2-4194-978f-0a1081db4ee1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 569 46451a0 master cdg-pixel-x27 config:1.0.0 /
Resource Hash
0e266d76801a31dc011efef36a2cdc3eb4b4c218a9f8f259c2252c71311d9316

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 16 Mar 2023 02:35:01 GMT
Server
MT3 569 46451a0 master cdg-pixel-x27 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1514
Expires
Thu, 16 Mar 2023 02:35:00 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame A8BB
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3012&partner_device_id=925d32e2-f5b2-4194-978f-0a1081db4ee1&_rand=1678934101506
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3012&partner_device_id=925d32e2-f5b2-4194-978f-0a1081db4ee1&_rand=1678934101506
95 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3012&partner_device_id=925d32e2-f5b2-4194-978f-0a1081db4ee1&_rand=1678934101506
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa%C3%A7%C3%A3o%20e%20interesse%20geral%20do%20Brasil&mk=&il=0&limit_drop=&userid=925d32e2-f5b2-4194-978f-0a1081db4ee1&idx=&fullVersionList=&platform=&_rlid=925d32e2-f5b2-4194-978f-0a1081db4ee1
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Thu, 16 Mar 2023 02:35:01 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3012&partner_device_id=925d32e2-f5b2-4194-978f-0a1081db4ee1&_rand=1678934101506
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
28347
tags.bluekai.com/site/ Frame A8BB 		62 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/28347?limit=0&id=925d32e2-f5b2-4194-978f-0a1081db4ee1&redir=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%24_BK_UUID%26pid%3D9
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa%C3%A7%C3%A3o%20e%20interesse%20geral%20do%20Brasil&mk=&il=0&limit_drop=&userid=925d32e2-f5b2-4194-978f-0a1081db4ee1&idx=&fullVersionList=&platform=&_rlid=925d32e2-f5b2-4194-978f-0a1081db4ee1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Thu, 16 Mar 2023 02:35:01 GMT
content-length
62
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame A8BB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=83i98y4&ttd_tpi=1
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa%C3%A7%C3%A3o%20e%20interesse%20geral%20do%20Brasil&mk=&il=0&limit_drop=&userid=925d32e2-f5b2-4194-978f-0a1081db4ee1&idx=&fullVersionList=&platform=&_rlid=925d32e2-f5b2-4194-978f-0a1081db4ee1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usersync
pixel-sync.sitescout.com/connectors/retargetly/ Frame A8BB 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/connectors/retargetly/usersync?redir=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%7BuserId%7D%26pid%3D23
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa%C3%A7%C3%A3o%20e%20interesse%20geral%20do%20Brasil&mk=&il=0&limit_drop=&userid=925d32e2-f5b2-4194-978f-0a1081db4ee1&idx=&fullVersionList=&platform=&_rlid=925d32e2-f5b2-4194-978f-0a1081db4ee1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
app.retargetly.com/ Frame A8BB
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=RTGLY
  • https://ups.analytics.yahoo.com/ups/58698/cms?partner_id=RTGLY
  • https://app.retargetly.com/sync?pid=22&sid=y-02dydp9E2oJm0GzNzU.I_luMjttzyjmuo.Q-~A
68 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?pid=22&sid=y-02dydp9E2oJm0GzNzU.I_luMjttzyjmuo.Q-~A
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa%C3%A7%C3%A3o%20e%20interesse%20geral%20do%20Brasil&mk=&il=0&limit_drop=&userid=925d32e2-f5b2-4194-978f-0a1081db4ee1&idx=&fullVersionList=&platform=&_rlid=925d32e2-f5b2-4194-978f-0a1081db4ee1
Protocol
H2
Server
2606:4700:10::6816:118d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
7a8999b86d209a0f-FRA
expires
0

Redirect headers

location
https://app.retargetly.com/sync?pid=22&sid=y-02dydp9E2oJm0GzNzU.I_luMjttzyjmuo.Q-~A
date
Thu, 16 Mar 2023 02:35:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
app.retargetly.com/ Frame A8BB
Redirect Chain
  • https://secure.adnxs.com/getuid?https://app.retargetly.com/sync?sid=$UID&pid=2
  • https://app.retargetly.com/sync?sid=3657491859309942484&pid=2
68 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?sid=3657491859309942484&pid=2
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa%C3%A7%C3%A3o%20e%20interesse%20geral%20do%20Brasil&mk=&il=0&limit_drop=&userid=925d32e2-f5b2-4194-978f-0a1081db4ee1&idx=&fullVersionList=&platform=&_rlid=925d32e2-f5b2-4194-978f-0a1081db4ee1
Protocol
H2
Server
2606:4700:10::6816:118d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
7a8999b76c799a0f-FRA
expires
0

Redirect headers

Date
Thu, 16 Mar 2023 02:35:01 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.141; 185.213.155.141; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
686d060b-b7ff-4a11-8c60-0a0c45c5a25a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://app.retargetly.com/sync?sid=3657491859309942484&pid=2
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
app.retargetly.com/ Frame A8BB
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3a%2f%2fapp.retargetly.com%2fsync%3fpid%3d14%26sid%3d%23PM_USER_ID
  • https://app.retargetly.com/sync?pid=14&sid=4763FEEB-BBC8-4BEB-8D48-C1F9EEFB1915
68 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?pid=14&sid=4763FEEB-BBC8-4BEB-8D48-C1F9EEFB1915
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa%C3%A7%C3%A3o%20e%20interesse%20geral%20do%20Brasil&mk=&il=0&limit_drop=&userid=925d32e2-f5b2-4194-978f-0a1081db4ee1&idx=&fullVersionList=&platform=&_rlid=925d32e2-f5b2-4194-978f-0a1081db4ee1
Protocol
H2
Server
2606:4700:10::6816:118d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
7a8999b76c7b9a0f-FRA
expires
0

Redirect headers

location
https://app.retargetly.com/sync?pid=14&sid=4763FEEB-BBC8-4BEB-8D48-C1F9EEFB1915
date
Thu, 16 Mar 2023 02:34:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
tpid=925d32e2-f5b2-4194-978f-0a1081db4ee1
bcp.crwdcntrl.net/map/c=11530/tp=RTRG/ Frame A8BB 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=11530/tp=RTRG/tpid=925d32e2-f5b2-4194-978f-0a1081db4ee1
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa%C3%A7%C3%A3o%20e%20interesse%20geral%20do%20Brasil&mk=&il=0&limit_drop=&userid=925d32e2-f5b2-4194-978f-0a1081db4ee1&idx=&fullVersionList=&platform=&_rlid=925d32e2-f5b2-4194-978f-0a1081db4ee1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.217.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-217-141.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.7.37
content-length
49
expires
0
cm
trc.taboola.com/sg/retargetly/1/ Frame A8BB 		43 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/retargetly/1/cm?redirect=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%3CTUID%3E%26pid%3D39
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa%C3%A7%C3%A3o%20e%20interesse%20geral%20do%20Brasil&mk=&il=0&limit_drop=&userid=925d32e2-f5b2-4194-978f-0a1081db4ee1&idx=&fullVersionList=&platform=&_rlid=925d32e2-f5b2-4194-978f-0a1081db4ee1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230058-FRA
server
nginx
x-timer
S1678934102.642894,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
sync
sync.teads.tv/rt/ Frame A8BB 		2 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/rt/sync?vid=925d32e2-f5b2-4194-978f-0a1081db4ee1&gdpr=0&us_privacy=%221-N-%22
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa%C3%A7%C3%A3o%20e%20interesse%20geral%20do%20Brasil&mk=&il=0&limit_drop=&userid=925d32e2-f5b2-4194-978f-0a1081db4ee1&idx=&fullVersionList=&platform=&_rlid=925d32e2-f5b2-4194-978f-0a1081db4ee1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires
Thu, 16 Mar 2023 02:35:01 GMT
pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
2
content-type
text/plain; charset=UTF-8
sync
app.retargetly.com/ Frame A8BB
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5Bsas_uid%5D%26pid%3D63
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://app.retargetly.com/sync?sid=[sas_uid]&pid=63&cklb=1
  • https://app.retargetly.com/sync?sid=3194933628265421749
68 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?sid=3194933628265421749
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa%C3%A7%C3%A3o%20e%20interesse%20geral%20do%20Brasil&mk=&il=0&limit_drop=&userid=925d32e2-f5b2-4194-978f-0a1081db4ee1&idx=&fullVersionList=&platform=&_rlid=925d32e2-f5b2-4194-978f-0a1081db4ee1
Protocol
H2
Server
2606:4700:10::6816:118d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
7a8999b89d3f9a0f-FRA
expires
0

Redirect headers

location
https://app.retargetly.com/sync?sid=3194933628265421749
pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
getuid
sync.smartadserver.com/ Frame A8BB
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fpid%3D74%26sid%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://app.retargetly.com/sync?pid=74&sid=[sas_uid]&cklb=1
0
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?gdpr=0&url=https://app.retargetly.com/sync?pid=74&sid=[sas_uid]&cklb=1
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa%C3%A7%C3%A3o%20e%20interesse%20geral%20do%20Brasil&mk=&il=0&limit_drop=&userid=925d32e2-f5b2-4194-978f-0a1081db4ee1&idx=&fullVersionList=&platform=&_rlid=925d32e2-f5b2-4194-978f-0a1081db4ee1
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://app.retargetly.com/sync?pid=74&sid=[sas_uid]&cklb=1
pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
current
retargetly-match.dotomi.com/match/bounce/ Frame A8BB 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retargetly-match.dotomi.com/match/bounce/current?networkId=95012&version=1&nuid=925d32e2-f5b2-4194-978f-0a1081db4ee1
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa%C3%A7%C3%A3o%20e%20interesse%20geral%20do%20Brasil&mk=&il=0&limit_drop=&userid=925d32e2-f5b2-4194-978f-0a1081db4ee1&idx=&fullVersionList=&platform=&_rlid=925d32e2-f5b2-4194-978f-0a1081db4ee1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
all
csm.eu.criteo.net/ Frame 990D 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=8GnTmZbAYzd9tt7lowD_idcm_Kg2k1-l1WZ26MTrwMB3ntufu5Hf1Xygwh9VojcJqhrQLk_gYtWkBeL--jqcDnkf9ZGFFsdJhChzpMC1tiXK5m8xqmpWS86Pjd4BJmhcYzz85qpOZM_NTrYiRByIeqLk4qj4RHjeoADEF47yWntTqUUdZFpdKLmGIBIuKOmZJdmTUDSDiCyn682umTNZWwR0sOEA4Edm2RNg4OnbJ48Zu-0zJH4BXHQCtVBP6R2VA9UGmQ&sds=2&rev=85089&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAUwANXiAK3qLNAA3gfkwLdVizVn9gd2pzKw&u=%7CuWCZiUy7qD%2FouEjlkhyXhB4%2B9MTr%2FywVV6%2Fl90EPonU%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCSe5-sUe1T5ah415E2MEw3gENqPGRConXrdVx33HLPhrr7NhQkrGZs8bvaE_-cw6AHWJEBL6ruujjnee_mlAbTgMLghQ8fJhyr6Z1TH11uRb-4R8adOPKv6GzGtYYEZ6HRiY0hw6y3yOY3uIXrxh3yqDDp0vSPHHFWddFNJ-_X9tteYhnl1zksxS1rLK2H8x-CrTQ_O0k2dyPc62n9SSVLVPYfXmE6mnf2rpXz-2SEB-UL8cebwdkQCEVUVIJmR2lmxeNxDiBZYFlcF9aeJ70-FPp_uzlDkSYHz6FHmIeT2jf4uMvJd5VuyD1b-3uEfnavcVG0WSjmr1Ru_rNdb9nN86IHpo3fxV__RyvE4yrOgUTdYnDbAglQq5gB8QjM4rswGiBPF2DbuAXL8AaEeL9Y0ovYtzjwJNxaEaCJuI-Q7WC1ULN2Z_b2wtsotqrDdfBbLHv5BpMB4uPcStpdr6nZmyJXFuq56sCzOLSXlBNxnsPMnP9_jlaJBwO1mOhPNq7C1y59m_GKDUmooQZweisbmJEY0cDA8usiN4zlqbiVq186-LmEci8Pd-dLrqYFKTGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOcbEU4ASZKC8Nc3F-gb-wLeICMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDY2Mzc1MzQ2Nzk5OTU5NMgBCakCAOdnHn-_sT7gAgCoAwGqBPoBT9DQmMnuoq3muaVA4bxM4gfBq7looj0SiKbJ9Q4uAogMtvrWKqP-ao0NsH3WMF58eVExlShXii2vumuD9hgKnjBAfXuPjDCnWuLZ9hFRAa_Ec9R5NT4CGAjaR5VHzKEU5rJiPjooqRlXSpP8b1wI_IqGkcb-6fNoHec-wOqowzcnkPqq0Jqbkx08s6gXwLMfyCpoN9HyLJ0U1LqVNHZMQTZjeuT4-jidd3LiJeBputRTzmU07aqcF7khLAEYoST9aIR7Soy2ex6DhK6BvkBCnrXrPzyH-N4gGEaztCo3YW-MtkMVHxr9hRd9HlVGepQft7aHk3FUHyz57OAEAYAGg5SY49Ss1K1doAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1YaJYZdyHAmD6X_3fOuWJvjivjKw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 16 Mar 2023 02:35:01 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
container.html
3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0CBC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://istoe.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:34:59 GMT
expires
Fri, 15 Mar 2024 02:34:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame B0E1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
959
x-guploader-uploadid
ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vuPBWDiXmgH3THv0t%2BThA6RutUbRXa3yNB4GKOhx8gs%2Bh12xyOzNeVR6og00V6VVvrxbsitLuwRhX9MsTcwTpEGZu4VRXh1RdwmMbjiXONp0%2B8ZANAMN3cc5ewRaTJ6JpG0TE2LKKJzj6BkFD8RXcnW9"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7a8999b748e0901c-FRA
expires
Thu, 16 Mar 2023 03:09:11 GMT
frame.html
ad4m.at/ Frame 64A4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
293466
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7a8999b749439213-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 16 Mar 2023 02:35:01 GMT
expires
Mon, 27 Feb 2023 21:37:06 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBWShlgPddPzLUOJ2Yui4AD4pfSq%2FkGLlM2qqo8GQma5HD4C8RD3A9xsSLT09OOw8olq96zyYfEctylp0aEe5Wow%2BFAvyFvk6l1NEcADOz8nTk5KvD8ZtRKO1tecnj3IrjIG%2BBU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rs
ad4m.at/ Frame B0E1 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32ee8c1cb9d1e4a6064e6d1b3d53b8069a8774646fe08e7d970c562896976153

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ud5UcKp1sBz5fKHBn71aDDDEMrx5GP%2B0wkLg1EW7iJdsN0%2BkmE%2FjoQ1pAIwHJrNHXF8yOeRr1ToHBSkBlHd896Q1y66MhtN%2BeWkawjpwqxEgrBc8J6qZ4AV3sLDE2RqGAIzCHXk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7a8999b7b8c69295-FRA
x-backend-server
aa-reachservice-group-europe-west1-8tkt
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a8999b778b19295-FRA
content-length
24
content-type
text/plain
date
Thu, 16 Mar 2023 02:35:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpQBQGNNBS8lREl5ycUKGONdXySKOQD29bbLph7lFgKPpJ5KdKTt7ACvzZtJruHyYSzTUVdsdFHnxS88xtl5pneIGERH4KClyEIX8SXFj1ejZd78h5Tpp5ehh%2BOLTo6p46ZNHYo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-8tkt
adview
securepubads.g.doubleclick.net/pagead/ Frame 5001 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C4OCvVYASZMPXFtPl7gOmtYSIDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgT9AU_Q7KJpvZhMgEubt9hAermc6GrbdHIM1pm8a1K-2TI0EQLg4DH6JMTjB1_XbCsEy65MkF9VLvZ-AepGxjtuiYjUut4GZTZsO2niciZJNqJbhYdbu8Br24a-6Z1LsumTq-cJSUkaF6PlsQRrVYfkm2sF6xytxlo8fuWswthrnVVr6zTJdHiaAuJzuw-VsPrFZ4fuYMqkwOAB-DmmB37--yVDV4YxLMQeJWUXmx_nyxZ40BE4uF3qveoCCxUZr92k7j0yGd2pD9vpXykMxHUGlM8JTylQGqSJBg5RZ9LNFxa7a_PWae4a9YfYZtwyS24w64gvy76IVRZapQe_YwzgBAGABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ2NjM3NTM0Njc5OTk1OTQYh7AO&sigh=7bhjaNZ82wk&uach_m=[UACH]&cid=CAQSPADUE5ymOe37FKT5iSLds5mhXTzlPYWZsXZRrk4Rus652s-Rih3cN66jO8KsibmQiGDuF2NWWhlVHjI_uRgB
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 5001 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kq4m5mmydtk886k16xa5wk8ptn451y5x7m9zdgqmgt9mhssj4t4ymyndp3382tx6yvp0bknyf6fa5t4s7vrd55zy8fx9gae2wa8mng65pfrbj8b67c17z04hce24trh7wxy8xvxkvaxa8ns1ayrdt6skgaqhd89nrgtyjepzwsxzmtvbsrme1nps9xhna9awvra349kc7945qxhn1c079gh2sm8t17vr08wjbcgxvgbsmqahjvbemzk5jdhxyzzs7jdprk7q9ekprdsaffz91f8rcgffq6hnh09rxzebe69bk6mvhmrhby126sqqf9cp9q9bw8xnbnajwy06wmjv8nvbxkmf2jq87j66htgv3q3pyfrj68p7bdyt6xfnys1k5rbf98jv466b60&b=ZBKAVQAFq8MKe7LTAAEapr0S9m2DfZaRIJTqSw
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Mar 2023 02:35:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 3020 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1g294dxd48kkn0mscv844628xc0bsmfgwp61vwzpj3dn90essn44h41jyxzgfx788zpvx4e0zdt7hxq2j5n5z6t4fafgv2jb5bcx8wdd4g03xhfct2j884s1n1af6qr5t3wkm722y3d6rtxb52gpytc3v0zyeejqmetcw0d62d9nhkjbs7ew11zh7yt0zb4p2fk0d8v9b0ky2nge1npw4kay8dyjekb80ensaxt03ka9nydwr62psy7x8vxn7s5v20n28v6vvqhs013rrmg7gptne7hxq078gm4yzhnhad5hg0wbzqznjeezbcbned3kbtxqv43yqnbngm0skmm51zk7ms0ntck9y9b6aqzk4a2wvte3zrt9yy7x177599ptpm4nnna4c88efmwyqpv8qd5s6dbng2m6yt9gfkfwwv5gvwq8bmnb2vt20gqq2a52vkd01cd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1PsgVYASZMPXFtPl7gOmtYSIDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_Q7KJpvZhMgEubt9hAermc6GrbdHIM1pm8a1K-2TI0EQLg4DH6JMTjB1_XbCsEy65MkF9VLvZ-AepGxjtuiYjUut4GZTZsO2niciZJNqJbhYdbu8Br24a-6Z1LsumTq-cJSUkaF6PlsQRrVYfkm2sF6xytxlo8fuWswthrnVVr6zTJdHiaAuJzuw-VsPrFZ4fuYMqkwOAB-DmmB37--yVDV4YxLMQeJWUXmx_nyxZ40BE4uF3qveoCCxUZr92k7j0yGd2pD9vpXykMxHUGlM8JTylQGqSJRAxw9QU0kFZz7LtAs6eIB77MbHE4ZXbta0pmWUYcSzpCcNsgI8RcrLzgBAGABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2-SAun4UsMWBuXvTgeIAvi4nR7uw%26client%3Dca-pub-4663753467999594%26adurl%3D
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d86773fa9226aecf40acf8b28020c27460f6f425b2d09a03371e31438fec0a5
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a8999b7a96a9213-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:35:01 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 5001 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/window_focus_fy2021.js
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 22:31:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
14631
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Mar 2023 22:31:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C74E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51100
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Mar 2023 12:23:21 GMT
etag
48472445140208031
expires
Thu, 16 Mar 2023 12:23:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 5001 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9161954861bb1fd7d5044d99f9ce04137b3836979ce8c5c75d224642f57c3f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 18:10:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
30269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8559
x-xss-protection
0
server
cafe
etag
11326455550778179109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Mar 2023 18:10:32 GMT
l
www.google.com/ads/measurement/ Frame 5001 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSu0xk5dg2duQXcbCE_2oX6Wrx-Ec21v58mDhm61FNVIpVtx4ZEX1MzLseoBhZb5FMMA9gshCZ1VlhwUmps_60jEyCbMQ
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5001 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 10:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
575012
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 08 Mar 2024 10:51:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5001 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Mar 2023 02:35:01 GMT
adunitMapping
webservices.webspectator.com/ Frame 3ED2 		727 B
767 B 		Script
General
Check archive.org
Download Go to
Full URL
https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%7D&w=970&h=250&wsRotSlot=&isda=1
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.192.67.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-67-210.compute-1.amazonaws.com
Software
WildFly/10 / Undertow/1
Resource Hash
73e0c7f304816b1d77d0fbd325454d51414e2fbb612da76cd4fc307ecbdec85d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:01 GMT
Content-Encoding
gzip
Server
WildFly/10
X-Powered-By
Undertow/1
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
X-NoCache
true
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 3020 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g294dxd48kkn0mscv844628xc0bsmfgwp61vwzpj3dn90essn44h41jyxzgfx788zpvx4e0zdt7hxq2j5n5z6t4fafgv2jb5bcx8wdd4g03xhfct2j884s1n1af6qr5t3wkm722y3d6rtxb52gpytc3v0zyeejqmetcw0d62d9nhkjbs7ew11zh7yt0zb4p2fk0d8v9b0ky2nge1npw4kay8dyjekb80ensaxt03ka9nydwr62psy7x8vxn7s5v20n28v6vvqhs013rrmg7gptne7hxq078gm4yzhnhad5hg0wbzqznjeezbcbned3kbtxqv43yqnbngm0skmm51zk7ms0ntck9y9b6aqzk4a2wvte3zrt9yy7x177599ptpm4nnna4c88efmwyqpv8qd5s6dbng2m6yt9gfkfwwv5gvwq8bmnb2vt20gqq2a52vkd01cd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1PsgVYASZMPXFtPl7gOmtYSIDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_Q7KJpvZhMgEubt9hAermc6GrbdHIM1pm8a1K-2TI0EQLg4DH6JMTjB1_XbCsEy65MkF9VLvZ-AepGxjtuiYjUut4GZTZsO2niciZJNqJbhYdbu8Br24a-6Z1LsumTq-cJSUkaF6PlsQRrVYfkm2sF6xytxlo8fuWswthrnVVr6zTJdHiaAuJzuw-VsPrFZ4fuYMqkwOAB-DmmB37--yVDV4YxLMQeJWUXmx_nyxZ40BE4uF3qveoCCxUZr92k7j0yGd2pD9vpXykMxHUGlM8JTylQGqSJRAxw9QU0kFZz7LtAs6eIB77MbHE4ZXbta0pmWUYcSzpCcNsgI8RcrLzgBAGABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2-SAun4UsMWBuXvTgeIAvi4nR7uw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1g294dxd48kkn0mscv844628xc0bsmfgwp61vwzpj3dn90essn44h41jyxzgfx788zpvx4e0zdt7hxq2j5n5z6t4fafgv2jb5bcx8wdd4g03xhfct2j884s1n1af6qr5t3wkm722y3d6rtxb52gpytc3v0zyeejqmetcw0d62d9nhkjbs7ew11zh7yt0zb4p2fk0d8v9b0ky2nge1npw4kay8dyjekb80ensaxt03ka9nydwr62psy7x8vxn7s5v20n28v6vvqhs013rrmg7gptne7hxq078gm4yzhnhad5hg0wbzqznjeezbcbned3kbtxqv43yqnbngm0skmm51zk7ms0ntck9y9b6aqzk4a2wvte3zrt9yy7x177599ptpm4nnna4c88efmwyqpv8qd5s6dbng2m6yt9gfkfwwv5gvwq8bmnb2vt20gqq2a52vkd01cd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1PsgVYASZMPXFtPl7gOmtYSIDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_Q7KJpvZhMgEubt9hAermc6GrbdHIM1pm8a1K-2TI0EQLg4DH6JMTjB1_XbCsEy65MkF9VLvZ-AepGxjtuiYjUut4GZTZsO2niciZJNqJbhYdbu8Br24a-6Z1LsumTq-cJSUkaF6PlsQRrVYfkm2sF6xytxlo8fuWswthrnVVr6zTJdHiaAuJzuw-VsPrFZ4fuYMqkwOAB-DmmB37--yVDV4YxLMQeJWUXmx_nyxZ40BE4uF3qveoCCxUZr92k7j0yGd2pD9vpXykMxHUGlM8JTylQGqSJRAxw9QU0kFZz7LtAs6eIB77MbHE4ZXbta0pmWUYcSzpCcNsgI8RcrLzgBAGABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2-SAun4UsMWBuXvTgeIAvi4nR7uw%26client%3Dca-pub-4663753467999594%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1677666448
age
57689
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 10:28:06 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1677666486645030
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSJLQ3m6oX4tw%2FPTzTay802FuO%2Ff69T72iIss1f8fzm7hb1U8q0U2FDDP2VaSpQiWxh9zpFQKSZdv89A4EXsiTu%2FrnQlXtCnLAkaxb34%2FkpKiHxWIoqfg%2BYwklu%2FDIfgyksSfcWQ3Fg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7a8999b7f9879213-FRA
expires
Thu, 16 Mar 2023 03:35:01 GMT
r62eglto.js
ad4m.at/ Frame 3020 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g294dxd48kkn0mscv844628xc0bsmfgwp61vwzpj3dn90essn44h41jyxzgfx788zpvx4e0zdt7hxq2j5n5z6t4fafgv2jb5bcx8wdd4g03xhfct2j884s1n1af6qr5t3wkm722y3d6rtxb52gpytc3v0zyeejqmetcw0d62d9nhkjbs7ew11zh7yt0zb4p2fk0d8v9b0ky2nge1npw4kay8dyjekb80ensaxt03ka9nydwr62psy7x8vxn7s5v20n28v6vvqhs013rrmg7gptne7hxq078gm4yzhnhad5hg0wbzqznjeezbcbned3kbtxqv43yqnbngm0skmm51zk7ms0ntck9y9b6aqzk4a2wvte3zrt9yy7x177599ptpm4nnna4c88efmwyqpv8qd5s6dbng2m6yt9gfkfwwv5gvwq8bmnb2vt20gqq2a52vkd01cd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1PsgVYASZMPXFtPl7gOmtYSIDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_Q7KJpvZhMgEubt9hAermc6GrbdHIM1pm8a1K-2TI0EQLg4DH6JMTjB1_XbCsEy65MkF9VLvZ-AepGxjtuiYjUut4GZTZsO2niciZJNqJbhYdbu8Br24a-6Z1LsumTq-cJSUkaF6PlsQRrVYfkm2sF6xytxlo8fuWswthrnVVr6zTJdHiaAuJzuw-VsPrFZ4fuYMqkwOAB-DmmB37--yVDV4YxLMQeJWUXmx_nyxZ40BE4uF3qveoCCxUZr92k7j0yGd2pD9vpXykMxHUGlM8JTylQGqSJRAxw9QU0kFZz7LtAs6eIB77MbHE4ZXbta0pmWUYcSzpCcNsgI8RcrLzgBAGABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2-SAun4UsMWBuXvTgeIAvi4nR7uw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
132564
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZj0z1kE8byN7XlAAXehxBieKji%2Fg%2BUl9eBIGNLnHg6IMqhD%2B3RgUwqBCX746FVGegJXkQdrbGS4sOgdOQ%2FCDgG%2BqE8SlTnTEOpNobwU2MAMyzMCm9Im%2FrFgLa%2FO2AnCvScxfX4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7a8999b7f9889213-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 14 Mar 2023 13:45:37 GMT
rar
as.ad4m.at/ad/ Frame 6DA3 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=23576%2C188429%2C197862&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=90&e=&g=7c690a3cdd766b61e9925b3172d84479%2F13427897391999105021&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101730&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9c904epy01zzg2d0zamjzmdn9qxncctnp9mbqkva43fc7dx3nwm2x4r9qk8ben4v2pky3s6vxb80h2a4qhk17080472w5y4y13scp7y82jf9bx0aq4mn42eh3df93e63jw88syhvzgzwjtfr51sd6n5wryn4y22w501vghf6t7f7sej7a9ca8d7fcmch8c46eq192a028e0a8vrw0d46e7291dgqb0f9td21n5q12hswpmeh4cekfdg02xbm5svv1sre5gd2hb7tjyvpwe7w1%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Cj5VIASZPm9OIrQgAeQqK2oA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_QAd2LJOOOnqgkFMSbiMaukxvt8ZPXCDXdilCKZ9AAFAfxolbWpuWJrB8Ic67iSMW8ztUC_TebhLRp6SVIMr92MusQfdQ8q8YG8BPKw595FA08thWJLoYK1A0zVKJFlgKxuFgZ3R61gYXlb3J7h_hmKst4-vPuW42PuiRMFr0hRrHx1ZDIa6MUNjWTQWwp-yAPu51ab46Ezd93h1VcbuTZYgIGnmbxOiCvcTY9JysZZ34obeXJvpeh1oOctauNsu5H9MO9vgX2HCq5e4SH8Xym342nzlJ7-2StG9rHNmELdVv-WshtJRs6i473kfNHE_aAYQcwyz3K4jTGltKYxFXgBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1-0bIM517TruYWEzUEr2gX30cMFg%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea53bf8be4bfe99219a2233ca10a947ca0fd13fa9f05680beaf5358b23c2baa1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kxqbwg7fy21nh3cxc9a5nmavj3rejmtb9r3gwpvxgdwq3pxdkgc7n2vdjqxsf07bnjph0h8cr1davdsks0kmne40akf5w95s867bhznzcm2ezr8myx1yxf9sw3kk3xdr5yj6arrv4bdr9ax4spsfgk61bx07s0gcy6j58beq94x5ebvbz9xcb70sgxjac2dfz9a9dw5w4gevfvhf5qjv1ntkatdvv6ttr2j5j6jb8hzvh1s1q68n9gxqdjr94rcpp9jjb4q640vqbexqq57n62y70q60ves1pesavrs28qpqxr0pv8tw0treqegttbq1ycfbjh9heymhttjk2hbnrgr6cvbd1mwq6kcv1m1yar5w0ka7r2t1t5nc62t6n7a0trs0bskkv092nydr5gwgn37jy4djyer6xbwh3z01y1b5hd09gvmvtze3ydk8hepc4p7pj1e&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_Cj5VIASZPm9OIrQgAeQqK2oA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_QAd2LJOOOnqgkFMSbiMaukxvt8ZPXCDXdilCKZ9AAFAfxolbWpuWJrB8Ic67iSMW8ztUC_TebhLRp6SVIMr92MusQfdQ8q8YG8BPKw595FA08thWJLoYK1A0zVKJFlgKxuFgZ3R61gYXlb3J7h_hmKst4-vPuW42PuiRMFr0hRrHx1ZDIa6MUNjWTQWwp-yAPu51ab46Ezd93h1VcbuTZYgIGnmbxOiCvcTY9JysZZ34obeXJvpeh1oOctauNsu5H9MO9vgX2HCq5e4SH8Xym342nzlJ7-2StG9rHNmELdVv-WshtJRs6i473kfNHE_aAYQcwyz3K4jTGltKYxFXgBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1-0bIM517TruYWEzUEr2gX30cMFg%26client%3Dca-pub-4663753467999594%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a8999b809969213-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:35:01 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
truncated
/ Frame 5001 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a317dc9c672dc6acbccd304c472be4ddb4a9801ff79832787a90aef5c3e9bfa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame C74E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELLcGxWX1Aws0PVE7oFhgzk&google_cver=1&google_push=Aa02lx_pgkc2jSGr8cDC-hfS-F3Pf4L5a_8Ss9abjldK61HEsxyfbiZHtqPuWRpcVz0pWV3jU2RZX8kr8ZPvhSd7...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_pgkc2jSGr8cDC-hfS-F3Pf4L5a_8Ss9abjldK61HEsxyfbiZHtqPuWRpcVz0pWV3jU2RZX8kr8ZPvhSd7PW65bMf6FjdbXEfl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_pgkc2jSGr8cDC-hfS-F3Pf4L5a_8Ss9abjldK61HEsxyfbiZHtqPuWRpcVz0pWV3jU2RZX8kr8ZPvhSd7PW65bMf6FjdbXEfl
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 16 Mar 2023 02:35:01 GMT
Server
MT3 569 46451a0 master zrh-pixel-x31 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_pgkc2jSGr8cDC-hfS-F3Pf4L5a_8Ss9abjldK61HEsxyfbiZHtqPuWRpcVz0pWV3jU2RZX8kr8ZPvhSd7PW65bMf6FjdbXEfl
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 16 Mar 2023 02:35:00 GMT
pixel
cm.g.doubleclick.net/ Frame C74E
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEFeFd52qQ6TJAQGHzt8tpyI&google_cver=1&google_push=Aa02lx9FryXbHlqlmLG3CZ229862yiV_Xu7reMY8EDTOGQWwiDpDxW4d5sPD13AIcWgVxJAaqEcUQerkwb-FllpZYdnmQ8Z9scSEOSE
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8ACA06350D24CF5A364B7DEDB2460F0&google_push=Aa02lx9FryXbHlqlmLG3CZ229862yiV_Xu7reMY8EDTOGQWwiDpDxW4d5sPD13AIcWgVxJAaqEcUQerkwb-Fllp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8ACA06350D24CF5A364B7DEDB2460F0&google_push=Aa02lx9FryXbHlqlmLG3CZ229862yiV_Xu7reMY8EDTOGQWwiDpDxW4d5sPD13AIcWgVxJAaqEcUQerkwb-FllpZYdnmQ8Z9scSEOSE
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 16 Mar 2023 02:35:01 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8ACA06350D24CF5A364B7DEDB2460F0&google_push=Aa02lx9FryXbHlqlmLG3CZ229862yiV_Xu7reMY8EDTOGQWwiDpDxW4d5sPD13AIcWgVxJAaqEcUQerkwb-FllpZYdnmQ8Z9scSEOSE
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 15 Mar 2023 02:35:01 GMT
pixel
cm.g.doubleclick.net/ Frame C74E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEXa-W5y2DSmp4ntb0UrPVU&google_cver=1&google_push=Aa02lx_SH8MXFFC7Cb5wWy7sdQGHg_ONuBuK-XOyNuKpK3OAcbQmHGsydKnHZYKe0Vgk8oPZjf4iu5umVUb_Q1dLj6hxBp0...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_SH8MXFFC7Cb5wWy7sdQGHg_ONuBuK-XOyNuKpK3OAcbQmHGsydKnHZYKe0Vgk8oPZjf4iu5umVUb_Q1dLj6hxBp0Plk9RhgCy&google_hm=eS0wQ2k4WUhCRTJwR1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_SH8MXFFC7Cb5wWy7sdQGHg_ONuBuK-XOyNuKpK3OAcbQmHGsydKnHZYKe0Vgk8oPZjf4iu5umVUb_Q1dLj6hxBp0Plk9RhgCy&google_hm=eS0wQ2k4WUhCRTJwR19Xc29WbnBHT2NyQVBMbmpsV3ZYNn5B
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 16 Mar 2023 02:35:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_SH8MXFFC7Cb5wWy7sdQGHg_ONuBuK-XOyNuKpK3OAcbQmHGsydKnHZYKe0Vgk8oPZjf4iu5umVUb_Q1dLj6hxBp0Plk9RhgCy&google_hm=eS0wQ2k4WUhCRTJwR19Xc29WbnBHT2NyQVBMbmpsV3ZYNn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame C74E
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEJTsi9a5ye38OA4Nrfnaz7M&google_cver=1&google_push=Aa02lx_55hFDzJgfjnr0iDuDCe8XVq3ybdc7MaWTmmRjLV-n0C_IhcBHjFzYQWPAfXXlp-RlLu8a-QnVJoAh3WGEPmMiPhk...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJTsi9a5ye38OA4Nrfnaz7M&google_cver=1&google_push=Aa02lx_55hFDzJgfjnr0iDuDCe8XVq3ybdc7MaWTmmRjLV-n0C_IhcBHjFzYQWPAfXXlp-RlLu8a-QnVJoAh3WGEPmMiP...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_55hFDzJgfjnr0iDuDCe8XVq3ybdc7MaWTmmRjLV-n0C_IhcBHjFzYQWPAfXXlp-RlLu8a-QnVJoAh3WGEPmMiPhkx-rKhTzzT
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_55hFDzJgfjnr0iDuDCe8XVq3ybdc7MaWTmmRjLV-n0C_IhcBHjFzYQWPAfXXlp-RlLu8a-QnVJoAh3WGEPmMiPhkx-rKhTzzT
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_55hFDzJgfjnr0iDuDCe8XVq3ybdc7MaWTmmRjLV-n0C_IhcBHjFzYQWPAfXXlp-RlLu8a-QnVJoAh3WGEPmMiPhkx-rKhTzzT
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame C74E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM0HrTqQGs8ZwrzMwLBdnEA&google_cver=1&google_push=Aa02lx_5VXuj3Lpo-zvLTrJHnWWrsh86Vn07gow1h1lDMP-ptgUTk7Hn1LMYFNt7JYE48Ss2jmGKuUks...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTI5NzMyMzM5Njg2NjMyNzE&google_push=Aa02lx_5VXuj3Lpo-zvLTrJHnWWrsh86Vn07gow1h1lDMP-ptgUTk7Hn1LMYFNt7JYE48Ss2jmGKuUks0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTI5NzMyMzM5Njg2NjMyNzE&google_push=Aa02lx_5VXuj3Lpo-zvLTrJHnWWrsh86Vn07gow1h1lDMP-ptgUTk7Hn1LMYFNt7JYE48Ss2jmGKuUks0TeZYSAt8OctcBjn_ANDAIDo
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTI5NzMyMzM5Njg2NjMyNzE&google_push=Aa02lx_5VXuj3Lpo-zvLTrJHnWWrsh86Vn07gow1h1lDMP-ptgUTk7Hn1LMYFNt7JYE48Ss2jmGKuUks0TeZYSAt8OctcBjn_ANDAIDo
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame C74E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBErs8-v0gnZ5i-aoQTj0zc&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBErs8-v0gnZ5i-aoQTj0zc&google_hm=ZBKAVfho4sdd9xtVFr86WwAAFJkAAAIB&google_nid=index&google_push=Aa02lx8uKPeA0j7CrUZhHoZAT-KTX7DulD4cq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBErs8-v0gnZ5i-aoQTj0zc&google_hm=ZBKAVfho4sdd9xtVFr86WwAAFJkAAAIB&google_nid=index&google_push=Aa02lx8uKPeA0j7CrUZhHoZAT-KTX7DulD4cqp0dTiCeRrW2UiSi2dk609wpUBbMGeaJpA3W-KO63UZo7-mJ6xOeSo6kqohjawUeqbde
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBErs8-v0gnZ5i-aoQTj0zc&google_hm=ZBKAVfho4sdd9xtVFr86WwAAFJkAAAIB&google_nid=index&google_push=Aa02lx8uKPeA0j7CrUZhHoZAT-KTX7DulD4cqp0dTiCeRrW2UiSi2dk609wpUBbMGeaJpA3W-KO63UZo7-mJ6xOeSo6kqohjawUeqbde
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame C74E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx8coVnHHlDO4WrpR71drFfBfJNyHxCWK6-rE2BmnIb-cc3iaG5cw8AEhZYYabsYcDBDPqp8Soxm_W_23TQKM6V7S21S3MaZs9En&redir=https%3A%2F%2Fcm.g.d...
  • https://sync.targeting.unrulymedia.com/csync/RX-3b994b2c-63b0-47b3-9d51-5bae167327eb-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx8coVnHHlDO4WrpR71dr...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8coVnHHlDO4WrpR71drFfBfJNyHxCWK6-rE2BmnIb-cc3iaG5cw8AEhZYYabsYcDBDPqp8Soxm_W_23TQKM6V7S21S3MaZs9En&google_hm=AzuZSyxjsEeznVFbrhZzJ-s
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8coVnHHlDO4WrpR71drFfBfJNyHxCWK6-rE2BmnIb-cc3iaG5cw8AEhZYYabsYcDBDPqp8Soxm_W_23TQKM6V7S21S3MaZs9En&google_hm=AzuZSyxjsEeznVFbrhZzJ-s
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8coVnHHlDO4WrpR71drFfBfJNyHxCWK6-rE2BmnIb-cc3iaG5cw8AEhZYYabsYcDBDPqp8Soxm_W_23TQKM6V7S21S3MaZs9En&google_hm=AzuZSyxjsEeznVFbrhZzJ-s
date
Thu, 16 Mar 2023 02:35:01 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX3b994b2c63b047b39d515bae167327eb003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame C74E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L3OYFFJVhVEIvTPpuFcSiM4--HgJbbsF14q-rWXzlXpZLWqiiqH4VIeXrQZeE6lhfHBTJG
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 6DA3 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C188429%2C197862&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=90&e=&g=7c690a3cdd766b61e9925b3172d84479%2F13427897391999105021&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101730&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9c904epy01zzg2d0zamjzmdn9qxncctnp9mbqkva43fc7dx3nwm2x4r9qk8ben4v2pky3s6vxb80h2a4qhk17080472w5y4y13scp7y82jf9bx0aq4mn42eh3df93e63jw88syhvzgzwjtfr51sd6n5wryn4y22w501vghf6t7f7sej7a9ca8d7fcmch8c46eq192a028e0a8vrw0d46e7291dgqb0f9td21n5q12hswpmeh4cekfdg02xbm5svv1sre5gd2hb7tjyvpwe7w1%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Cj5VIASZPm9OIrQgAeQqK2oA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_QAd2LJOOOnqgkFMSbiMaukxvt8ZPXCDXdilCKZ9AAFAfxolbWpuWJrB8Ic67iSMW8ztUC_TebhLRp6SVIMr92MusQfdQ8q8YG8BPKw595FA08thWJLoYK1A0zVKJFlgKxuFgZ3R61gYXlb3J7h_hmKst4-vPuW42PuiRMFr0hRrHx1ZDIa6MUNjWTQWwp-yAPu51ab46Ezd93h1VcbuTZYgIGnmbxOiCvcTY9JysZZ34obeXJvpeh1oOctauNsu5H9MO9vgX2HCq5e4SH8Xym342nzlJ7-2StG9rHNmELdVv-WshtJRs6i473kfNHE_aAYQcwyz3K4jTGltKYxFXgBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1-0bIM517TruYWEzUEr2gX30cMFg%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=23576%2C188429%2C197862&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=90&e=&g=7c690a3cdd766b61e9925b3172d84479%2F13427897391999105021&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101730&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9c904epy01zzg2d0zamjzmdn9qxncctnp9mbqkva43fc7dx3nwm2x4r9qk8ben4v2pky3s6vxb80h2a4qhk17080472w5y4y13scp7y82jf9bx0aq4mn42eh3df93e63jw88syhvzgzwjtfr51sd6n5wryn4y22w501vghf6t7f7sej7a9ca8d7fcmch8c46eq192a028e0a8vrw0d46e7291dgqb0f9td21n5q12hswpmeh4cekfdg02xbm5svv1sre5gd2hb7tjyvpwe7w1%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Cj5VIASZPm9OIrQgAeQqK2oA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_QAd2LJOOOnqgkFMSbiMaukxvt8ZPXCDXdilCKZ9AAFAfxolbWpuWJrB8Ic67iSMW8ztUC_TebhLRp6SVIMr92MusQfdQ8q8YG8BPKw595FA08thWJLoYK1A0zVKJFlgKxuFgZ3R61gYXlb3J7h_hmKst4-vPuW42PuiRMFr0hRrHx1ZDIa6MUNjWTQWwp-yAPu51ab46Ezd93h1VcbuTZYgIGnmbxOiCvcTY9JysZZ34obeXJvpeh1oOctauNsu5H9MO9vgX2HCq5e4SH8Xym342nzlJ7-2StG9rHNmELdVv-WshtJRs6i473kfNHE_aAYQcwyz3K4jTGltKYxFXgBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1-0bIM517TruYWEzUEr2gX30cMFg%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1677666448
age
57689
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 10:28:06 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1677666486645030
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2F%2FGJC63PBzwC79S7uRgqUfHM5cdGH5fCP4qk2R%2FJ3aVK%2BfZmmwc%2BJqSiEPGiYriTMCro1KCTLtuGBKQ6vn9KJ1vsYU4TQlElb0feHrMk3pwpsnevM%2BWywBIjgY38AO9QYH%2BPqGlUYs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7a8999b859b29213-FRA
expires
Thu, 16 Mar 2023 03:35:01 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 6DA3 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C188429%2C197862&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=90&e=&g=7c690a3cdd766b61e9925b3172d84479%2F13427897391999105021&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101730&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9c904epy01zzg2d0zamjzmdn9qxncctnp9mbqkva43fc7dx3nwm2x4r9qk8ben4v2pky3s6vxb80h2a4qhk17080472w5y4y13scp7y82jf9bx0aq4mn42eh3df93e63jw88syhvzgzwjtfr51sd6n5wryn4y22w501vghf6t7f7sej7a9ca8d7fcmch8c46eq192a028e0a8vrw0d46e7291dgqb0f9td21n5q12hswpmeh4cekfdg02xbm5svv1sre5gd2hb7tjyvpwe7w1%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Cj5VIASZPm9OIrQgAeQqK2oA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_QAd2LJOOOnqgkFMSbiMaukxvt8ZPXCDXdilCKZ9AAFAfxolbWpuWJrB8Ic67iSMW8ztUC_TebhLRp6SVIMr92MusQfdQ8q8YG8BPKw595FA08thWJLoYK1A0zVKJFlgKxuFgZ3R61gYXlb3J7h_hmKst4-vPuW42PuiRMFr0hRrHx1ZDIa6MUNjWTQWwp-yAPu51ab46Ezd93h1VcbuTZYgIGnmbxOiCvcTY9JysZZ34obeXJvpeh1oOctauNsu5H9MO9vgX2HCq5e4SH8Xym342nzlJ7-2StG9rHNmELdVv-WshtJRs6i473kfNHE_aAYQcwyz3K4jTGltKYxFXgBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1-0bIM517TruYWEzUEr2gX30cMFg%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1579087
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhxR3SOl3dycRF9XOpRNE4oW6dzZyyuQq0oDfRJT%2BD04ijiR%2BhTpuKR2W0mV3%2F7I4RQHIEJ93YUFsRw6OAySGw6S9tdU2mv7FczRVaONDdtCMwjFd%2BPO%2FmCwAwYL%2BYkeo5bfWdXTwwoMCmu0"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999b859b39213-FRA
expires
Fri, 17 Mar 2023 02:35:01 GMT
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 6DA3 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C188429%2C197862&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=90&e=&g=7c690a3cdd766b61e9925b3172d84479%2F13427897391999105021&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101730&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9c904epy01zzg2d0zamjzmdn9qxncctnp9mbqkva43fc7dx3nwm2x4r9qk8ben4v2pky3s6vxb80h2a4qhk17080472w5y4y13scp7y82jf9bx0aq4mn42eh3df93e63jw88syhvzgzwjtfr51sd6n5wryn4y22w501vghf6t7f7sej7a9ca8d7fcmch8c46eq192a028e0a8vrw0d46e7291dgqb0f9td21n5q12hswpmeh4cekfdg02xbm5svv1sre5gd2hb7tjyvpwe7w1%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Cj5VIASZPm9OIrQgAeQqK2oA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_QAd2LJOOOnqgkFMSbiMaukxvt8ZPXCDXdilCKZ9AAFAfxolbWpuWJrB8Ic67iSMW8ztUC_TebhLRp6SVIMr92MusQfdQ8q8YG8BPKw595FA08thWJLoYK1A0zVKJFlgKxuFgZ3R61gYXlb3J7h_hmKst4-vPuW42PuiRMFr0hRrHx1ZDIa6MUNjWTQWwp-yAPu51ab46Ezd93h1VcbuTZYgIGnmbxOiCvcTY9JysZZ34obeXJvpeh1oOctauNsu5H9MO9vgX2HCq5e4SH8Xym342nzlJ7-2StG9rHNmELdVv-WshtJRs6i473kfNHE_aAYQcwyz3K4jTGltKYxFXgBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1-0bIM517TruYWEzUEr2gX30cMFg%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2412217
cf-polished
qual=85, origFmt=jpeg, origSize=132437
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23154
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Dec 2021 17:51:23 GMT
server
cloudflare
etag
"c348b177953ac5720836c04e1a21673d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ErzBgPoHJ7Sa%2FlTmbLQAzVJURQjERemDYeJq3viI2kh6nlaKylr2bReQ6fh9c17Wj1CalvIyABJGqjMkKXbdq5mJgBlgZW64S58xmV2XXHA5ix1rJQPg7YwAMiu9ZBjG4iaDfaMB2Y9IFNM"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999b869b99213-FRA
expires
Fri, 17 Mar 2023 02:35:01 GMT
/
partner.o2online.de/a/ Frame 6DA3
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIaH9_W03_0CFXaK_QcdIs4IvQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023031603350182889743775X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023031603350182889743775X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023031603350182889743775X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C188429%2C197862&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=90&e=&g=7c690a3cdd766b61e9925b3172d84479%2F13427897391999105021&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101730&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9c904epy01zzg2d0zamjzmdn9qxncctnp9mbqkva43fc7dx3nwm2x4r9qk8ben4v2pky3s6vxb80h2a4qhk17080472w5y4y13scp7y82jf9bx0aq4mn42eh3df93e63jw88syhvzgzwjtfr51sd6n5wryn4y22w501vghf6t7f7sej7a9ca8d7fcmch8c46eq192a028e0a8vrw0d46e7291dgqb0f9td21n5q12hswpmeh4cekfdg02xbm5svv1sre5gd2hb7tjyvpwe7w1%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Cj5VIASZPm9OIrQgAeQqK2oA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_QAd2LJOOOnqgkFMSbiMaukxvt8ZPXCDXdilCKZ9AAFAfxolbWpuWJrB8Ic67iSMW8ztUC_TebhLRp6SVIMr92MusQfdQ8q8YG8BPKw595FA08thWJLoYK1A0zVKJFlgKxuFgZ3R61gYXlb3J7h_hmKst4-vPuW42PuiRMFr0hRrHx1ZDIa6MUNjWTQWwp-yAPu51ab46Ezd93h1VcbuTZYgIGnmbxOiCvcTY9JysZZ34obeXJvpeh1oOctauNsu5H9MO9vgX2HCq5e4SH8Xym342nzlJ7-2StG9rHNmELdVv-WshtJRs6i473kfNHE_aAYQcwyz3K4jTGltKYxFXgBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1-0bIM517TruYWEzUEr2gX30cMFg%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 16 Mar 2023 02:35:02 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023031603350182889743775X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023031603350182889743775X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218
date
Thu, 16 Mar 2023 02:35:01 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 6DA3 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C188429%2C197862&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=90&e=&g=7c690a3cdd766b61e9925b3172d84479%2F13427897391999105021&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101730&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9c904epy01zzg2d0zamjzmdn9qxncctnp9mbqkva43fc7dx3nwm2x4r9qk8ben4v2pky3s6vxb80h2a4qhk17080472w5y4y13scp7y82jf9bx0aq4mn42eh3df93e63jw88syhvzgzwjtfr51sd6n5wryn4y22w501vghf6t7f7sej7a9ca8d7fcmch8c46eq192a028e0a8vrw0d46e7291dgqb0f9td21n5q12hswpmeh4cekfdg02xbm5svv1sre5gd2hb7tjyvpwe7w1%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Cj5VIASZPm9OIrQgAeQqK2oA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_QAd2LJOOOnqgkFMSbiMaukxvt8ZPXCDXdilCKZ9AAFAfxolbWpuWJrB8Ic67iSMW8ztUC_TebhLRp6SVIMr92MusQfdQ8q8YG8BPKw595FA08thWJLoYK1A0zVKJFlgKxuFgZ3R61gYXlb3J7h_hmKst4-vPuW42PuiRMFr0hRrHx1ZDIa6MUNjWTQWwp-yAPu51ab46Ezd93h1VcbuTZYgIGnmbxOiCvcTY9JysZZ34obeXJvpeh1oOctauNsu5H9MO9vgX2HCq5e4SH8Xym342nzlJ7-2StG9rHNmELdVv-WshtJRs6i473kfNHE_aAYQcwyz3K4jTGltKYxFXgBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1-0bIM517TruYWEzUEr2gX30cMFg%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2099212
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qIhsJq9b89wj3T2dpNk%2FXOULCr5UIkS4B%2B0G707sJdBINSwT0juWP4wv8P8zuSW2r3mMYEwTGalV2d33U4UXlf2VdMjgIk59dm3MM92Mr06vTNokoYKr6M7Vz%2FuuqcoOo6FNT8FkiWNbu%2Fx"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999b869bb9213-FRA
expires
Fri, 17 Mar 2023 02:35:01 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 6DA3 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C188429%2C197862&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=90&e=&g=7c690a3cdd766b61e9925b3172d84479%2F13427897391999105021&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101730&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9c904epy01zzg2d0zamjzmdn9qxncctnp9mbqkva43fc7dx3nwm2x4r9qk8ben4v2pky3s6vxb80h2a4qhk17080472w5y4y13scp7y82jf9bx0aq4mn42eh3df93e63jw88syhvzgzwjtfr51sd6n5wryn4y22w501vghf6t7f7sej7a9ca8d7fcmch8c46eq192a028e0a8vrw0d46e7291dgqb0f9td21n5q12hswpmeh4cekfdg02xbm5svv1sre5gd2hb7tjyvpwe7w1%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Cj5VIASZPm9OIrQgAeQqK2oA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_QAd2LJOOOnqgkFMSbiMaukxvt8ZPXCDXdilCKZ9AAFAfxolbWpuWJrB8Ic67iSMW8ztUC_TebhLRp6SVIMr92MusQfdQ8q8YG8BPKw595FA08thWJLoYK1A0zVKJFlgKxuFgZ3R61gYXlb3J7h_hmKst4-vPuW42PuiRMFr0hRrHx1ZDIa6MUNjWTQWwp-yAPu51ab46Ezd93h1VcbuTZYgIGnmbxOiCvcTY9JysZZ34obeXJvpeh1oOctauNsu5H9MO9vgX2HCq5e4SH8Xym342nzlJ7-2StG9rHNmELdVv-WshtJRs6i473kfNHE_aAYQcwyz3K4jTGltKYxFXgBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1-0bIM517TruYWEzUEr2gX30cMFg%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
540584
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WXARy48puKvuPQ6RznehMAyEa%2B1IMQG7O30ymNKT9wkFFM8%2BAflnrYNQFc9BLoa80Gurt4Q20VSdWMT1j7CMetbZyb8CHcR453YpKMYVUSoZvZ2cMo5wYvnT6%2F9e5x634lHJJ%2FQ%2BIayEb0o7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999b869bc9213-FRA
expires
Fri, 17 Mar 2023 02:35:01 GMT
ztpv.php
www.conrad.de/ Frame 6DA3
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470172&v=11354&q=377133&r=412871&pv=1&pref3=oneidmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1678934101_26efd1d0-c3a3-11ed-9d45-2261c3620022&insert=AW&&gdpr=0&gdpr_consent=
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1678934101_26efd1d0-c3a3-11ed-9d45-2261c3620022&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C188429%2C197862&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=90&e=&g=7c690a3cdd766b61e9925b3172d84479%2F13427897391999105021&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101730&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9c904epy01zzg2d0zamjzmdn9qxncctnp9mbqkva43fc7dx3nwm2x4r9qk8ben4v2pky3s6vxb80h2a4qhk17080472w5y4y13scp7y82jf9bx0aq4mn42eh3df93e63jw88syhvzgzwjtfr51sd6n5wryn4y22w501vghf6t7f7sej7a9ca8d7fcmch8c46eq192a028e0a8vrw0d46e7291dgqb0f9td21n5q12hswpmeh4cekfdg02xbm5svv1sre5gd2hb7tjyvpwe7w1%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Cj5VIASZPm9OIrQgAeQqK2oA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_QAd2LJOOOnqgkFMSbiMaukxvt8ZPXCDXdilCKZ9AAFAfxolbWpuWJrB8Ic67iSMW8ztUC_TebhLRp6SVIMr92MusQfdQ8q8YG8BPKw595FA08thWJLoYK1A0zVKJFlgKxuFgZ3R61gYXlb3J7h_hmKst4-vPuW42PuiRMFr0hRrHx1ZDIa6MUNjWTQWwp-yAPu51ab46Ezd93h1VcbuTZYgIGnmbxOiCvcTY9JysZZ34obeXJvpeh1oOctauNsu5H9MO9vgX2HCq5e4SH8Xym342nzlJ7-2StG9rHNmELdVv-WshtJRs6i473kfNHE_aAYQcwyz3K4jTGltKYxFXgBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1-0bIM517TruYWEzUEr2gX30cMFg%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
cache-control
no-cache
cf-ray
7a8999b90f1cbbef-FRA
content-length
0
expires
-1

Redirect headers

Date
Thu, 16 Mar 2023 02:35:01 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1678934101_26efd1d0-c3a3-11ed-9d45-2261c3620022&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
assets.ad4m.at/logo/ Frame 6DA3 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C188429%2C197862&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=90&e=&g=7c690a3cdd766b61e9925b3172d84479%2F13427897391999105021&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101730&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9c904epy01zzg2d0zamjzmdn9qxncctnp9mbqkva43fc7dx3nwm2x4r9qk8ben4v2pky3s6vxb80h2a4qhk17080472w5y4y13scp7y82jf9bx0aq4mn42eh3df93e63jw88syhvzgzwjtfr51sd6n5wryn4y22w501vghf6t7f7sej7a9ca8d7fcmch8c46eq192a028e0a8vrw0d46e7291dgqb0f9td21n5q12hswpmeh4cekfdg02xbm5svv1sre5gd2hb7tjyvpwe7w1%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Cj5VIASZPm9OIrQgAeQqK2oA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_QAd2LJOOOnqgkFMSbiMaukxvt8ZPXCDXdilCKZ9AAFAfxolbWpuWJrB8Ic67iSMW8ztUC_TebhLRp6SVIMr92MusQfdQ8q8YG8BPKw595FA08thWJLoYK1A0zVKJFlgKxuFgZ3R61gYXlb3J7h_hmKst4-vPuW42PuiRMFr0hRrHx1ZDIa6MUNjWTQWwp-yAPu51ab46Ezd93h1VcbuTZYgIGnmbxOiCvcTY9JysZZ34obeXJvpeh1oOctauNsu5H9MO9vgX2HCq5e4SH8Xym342nzlJ7-2StG9rHNmELdVv-WshtJRs6i473kfNHE_aAYQcwyz3K4jTGltKYxFXgBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1-0bIM517TruYWEzUEr2gX30cMFg%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d605bd2ec6ee95ecf8d2966ef89588ff8894e4d9c88ae95c82a59d71ab753d40

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
785388
cf-polished
origSize=53992, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48382
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Jun 2022 14:47:26 GMT
server
cloudflare
etag
"e460905652d65e6a54a57da046f52d6c"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvvHk7dWwI74MwJK%2BL%2FPOr%2BzRSu1t3UcqKilolUUA%2F9zVMF0QEZEEiiHEdeOO5zwWWdjD4pBhs6LpNdAKuiK0CuPWQJjR%2B4UEyEkTqKLHWlSmFeeYBR1dJ6EYXE1cPSfG2mtHmy49dlNZeBm"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999b869bd9213-FRA
expires
Fri, 17 Mar 2023 02:35:01 GMT
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 6DA3 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C188429%2C197862&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=90&e=&g=7c690a3cdd766b61e9925b3172d84479%2F13427897391999105021&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101730&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9c904epy01zzg2d0zamjzmdn9qxncctnp9mbqkva43fc7dx3nwm2x4r9qk8ben4v2pky3s6vxb80h2a4qhk17080472w5y4y13scp7y82jf9bx0aq4mn42eh3df93e63jw88syhvzgzwjtfr51sd6n5wryn4y22w501vghf6t7f7sej7a9ca8d7fcmch8c46eq192a028e0a8vrw0d46e7291dgqb0f9td21n5q12hswpmeh4cekfdg02xbm5svv1sre5gd2hb7tjyvpwe7w1%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Cj5VIASZPm9OIrQgAeQqK2oA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_QAd2LJOOOnqgkFMSbiMaukxvt8ZPXCDXdilCKZ9AAFAfxolbWpuWJrB8Ic67iSMW8ztUC_TebhLRp6SVIMr92MusQfdQ8q8YG8BPKw595FA08thWJLoYK1A0zVKJFlgKxuFgZ3R61gYXlb3J7h_hmKst4-vPuW42PuiRMFr0hRrHx1ZDIa6MUNjWTQWwp-yAPu51ab46Ezd93h1VcbuTZYgIGnmbxOiCvcTY9JysZZ34obeXJvpeh1oOctauNsu5H9MO9vgX2HCq5e4SH8Xym342nzlJ7-2StG9rHNmELdVv-WshtJRs6i473kfNHE_aAYQcwyz3K4jTGltKYxFXgBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1-0bIM517TruYWEzUEr2gX30cMFg%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2411694
cf-polished
origFmt=png, origSize=105738
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55786
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2BfhLLJM1xYmSUByexFTUMKyMYDuIfeVbum5BFKC1Vuc2%2FaWmk2We3A8oo495wOp0BNOlplypb4gurzEAvvO%2F39qrMb0ActTy%2F0Fzfjgucv6W62nmwc9Yu1FtErEh2cFPd0f4nLSI3F9ZnjX"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999b869be9213-FRA
expires
Fri, 17 Mar 2023 02:35:01 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 3020 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2740
x-guploader-uploadid
ADPycds1SLdGXbfm0r3qDGy8sfwZXQfpj1kJA4sERetf1LIRiVzV7g41c7a-EwZMzWmu5dxBmhh2VgdQIymIU8Old3wWOUTyb-2i
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORoKn3LwSKqBL2Lejlk9cuDBmZXTPCvCCZ9PsSvfHNbhDi2cNLeJrVh%2FJPmtJqkVPT31mEPdYh85tm9MUw7XKwPEhVqP6VqV4W1Q%2BqPyLcGZa%2Bv65sEFm%2FZNJqH8WWUOo9uK1OPvfbQLpGhrOa1dSiSr"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7a8999b86e152c4f-FRA
expires
Thu, 16 Mar 2023 02:18:59 GMT
frame.html
ad4m.at/ Frame 47EF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
293466
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7a8999b879c59213-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 16 Mar 2023 02:35:01 GMT
expires
Mon, 27 Feb 2023 21:37:06 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yhhyyi4asVvdv82Fyx0OV2fKhq68lbNb4y18RUSNLBDX7xVKIvLQSmGgdWydhp3ZPIdLa05LYBz0nNPr1rsCAMQBx246tRvuGJ2JR%2FiKoR5%2F5StF5LyUu8s%2BYlDYPS3vl%2FLNXYo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
link.html
track.webgains.com/ Frame 6DA3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j4ca0zxhgtab8sh1xapdbmngwgd377pvmg98vr2r65j72y7zvq6gy9zz1zyhx82wqx7a12yawgdvmk9vfybky27kd1vzrzbq8z12yfb9x9r23qy4e2swj28tw5nedzn9nzs9shdb746rs2gz1na0z646esyc10cn22wass6hd2gaqddv5qwghcrqcpre5e9x7fa7rwham410cykm9nj4576wf931811k50q6gwgx76xa96yfr51xq7mqppq1dg0519fy%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kz9c904epy01zzg2d0zamjzmdn9qxncctnp9mbqkva43fc7dx3nwm2x4r9qk8ben4v2pky3s6vxb80h2a4qhk17080472w5y4y13scp7y82jf9bx0aq4mn42eh3df93e63jw88syhvzgzwjtfr51sd6n5wryn4y22w501vghf6t7f7sej7a9ca8d7fcmch8c46eq192a028e0a8vrw0d46e7291dgqb0f9td21n5q12hswpmeh4cekfdg02xbm5svv1sre5gd2hb7tjyvpwe7w1%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_Cj5VIASZPm9OIrQgAeQqK2oA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_QAd2LJOOOnqgkFMSbiMaukxvt8ZPXCDXdilCKZ9AAFAfxolbWpuWJrB8Ic67iSMW8ztUC_TebhLRp6SVIMr92MusQfdQ8q8YG8BPKw595FA08thWJLoYK1A0zVKJFlgKxuFgZ3R61gYXlb3J7h_hmKst4-vPuW42PuiRMFr0hRrHx1ZDIa6MUNjWTQWwp-yAPu51ab46Ezd93h1VcbuTZYgIGnmbxOiCvcTY9JysZZ34obeXJvpeh1oOctauNsu5H9MO9vgX2HCq5e4SH8Xym342nzlJ7-2StG9rHNmELdVv-WshtJRs6i473kfNHE_aAYQcwyz3K4jTGltKYxFXgBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1-0bIM517TruYWEzUEr2gX30cMFg%252526client%25253Dca-pub-4663753467999594%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C188429%2C197862&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=90&e=&g=7c690a3cdd766b61e9925b3172d84479%2F13427897391999105021&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101730&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9c904epy01zzg2d0zamjzmdn9qxncctnp9mbqkva43fc7dx3nwm2x4r9qk8ben4v2pky3s6vxb80h2a4qhk17080472w5y4y13scp7y82jf9bx0aq4mn42eh3df93e63jw88syhvzgzwjtfr51sd6n5wryn4y22w501vghf6t7f7sej7a9ca8d7fcmch8c46eq192a028e0a8vrw0d46e7291dgqb0f9td21n5q12hswpmeh4cekfdg02xbm5svv1sre5gd2hb7tjyvpwe7w1%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Cj5VIASZPm9OIrQgAeQqK2oA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_QAd2LJOOOnqgkFMSbiMaukxvt8ZPXCDXdilCKZ9AAFAfxolbWpuWJrB8Ic67iSMW8ztUC_TebhLRp6SVIMr92MusQfdQ8q8YG8BPKw595FA08thWJLoYK1A0zVKJFlgKxuFgZ3R61gYXlb3J7h_hmKst4-vPuW42PuiRMFr0hRrHx1ZDIa6MUNjWTQWwp-yAPu51ab46Ezd93h1VcbuTZYgIGnmbxOiCvcTY9JysZZ34obeXJvpeh1oOctauNsu5H9MO9vgX2HCq5e4SH8Xym342nzlJ7-2StG9rHNmELdVv-WshtJRs6i473kfNHE_aAYQcwyz3K4jTGltKYxFXgBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1-0bIM517TruYWEzUEr2gX30cMFg%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.110.241 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-110-241.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
4df7f50e2efa61e014bfc0784e2d893f4710b245adbd2f43d53c6dc7f9da9f3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
last-modified
Thu, 16 Mar 2023 02:35:01 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 16 Mar 2023 02:36:01 GMT
iframe
pixel.mathtag.com/sync/ Frame 0452 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/iframe?mt_uuid=3c146412-8055-4a00-966b-ee3f29a568d0&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/js?mt_lim=12&sync=auto&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 569 46451a0 master zrh-pixel-x26 config:1.0.0 /
Resource Hash
19be29aaf096f554b37f197efd1bf8b00396ab03bf7ee5294a979f24858b1bf0

Request headers

Referer
https://api.retargetly.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Length
931
Content-Type
text/html
Date
Thu, 16 Mar 2023 02:35:01 GMT
Expires
Thu, 16 Mar 2023 02:35:00 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 569 46451a0 master zrh-pixel-x26 config:1.0.0
Vary
Accept-Encoding
img
pixel.mathtag.com/comp/ Frame A8BB 		0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fistoe.com.br%2F&browserUrl=undefined&ref=&utmz=&n=ISTO%C3%89%20Independente&md=A%20mais%20combativa%20revista%20semanal%20de%20informa%C3%A7%C3%A3o%20e%20interesse%20geral%20do%20Brasil&mk=&il=0&limit_drop=&userid=925d32e2-f5b2-4194-978f-0a1081db4ee1&idx=&fullVersionList=&platform=&_rlid=925d32e2-f5b2-4194-978f-0a1081db4ee1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 569 46451a0 master cdg-pixel-x31 config:1.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 16 Mar 2023 02:35:01 GMT
Server
MT3 569 46451a0 master cdg-pixel-x31 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Thu, 16 Mar 2023 02:35:00 GMT
ws-ad.js
wfpscripts.webspectator.com/ Frame 3ED2 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%7D&w=970&h=250&wsRotSlot=&isda=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=istoe.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=istoe.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3102037318906712&correlator=3026057470738423&eid=31072989%2C31073052%2C31073061&output=ldjh&gdfp_req=1&vrg=2023031301&ptt=17&impl=fif&iu_parts=22452847%2CIstoe_Home&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=9&adks=2578746223&sfv=1-0-40&prev_scp=pos%3D3&sc=1&cookie=ID%3Dfabdfe6c64fbec8b%3AT%3D1678934099%3AS%3DALNI_MYxkP0yjUt7eyIDY4GXHiMsxkCkMw&gpic=UID%3D00000bc69512ac9c%3AT%3D1678934099%3ART%3D1678934099%3AS%3DALNI_MYJBShunzfjmRW-0lCvHQS9azIlaQ&abxe=1&dt=1678934101884&lmt=1678934101&dlt=1678934096045&idt=1402&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fistoe.com.br%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=1307452278.1678934097&ga_sid=1678934100&ga_hid=1946241729&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f944d47130e3c7b1dc36ae05c0a9a7524f65dee70d086511cac57fa3e5078914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11957
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://istoe.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3102037318906712&correlator=3026057470738423&eid=31072989%2C31073052%2C31073061&output=ldjh&gdfp_req=1&vrg=2023031301&ptt=17&impl=fif&iu_parts=22452847%2CIstoe_Home&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=10&adks=3027463469&sfv=1-0-40&prev_scp=pos%3D4&sc=1&cookie=ID%3Dfabdfe6c64fbec8b%3AT%3D1678934099%3AS%3DALNI_MYxkP0yjUt7eyIDY4GXHiMsxkCkMw&gpic=UID%3D00000bc69512ac9c%3AT%3D1678934099%3ART%3D1678934099%3AS%3DALNI_MYJBShunzfjmRW-0lCvHQS9azIlaQ&abxe=1&dt=1678934101893&lmt=1678934101&dlt=1678934096045&idt=1402&adxs=436&adys=3617&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fistoe.com.br%2F&frm=20&vis=1&psz=1600x16&msz=1600x0&fws=4&ohw=1600&ga_vid=1307452278.1678934097&ga_sid=1678934100&ga_hid=1946241729&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ffc90107fd9e6fd40f14e6f57c207e365bad069ab471396cb2cd01f0d9e8da7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11153
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://istoe.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3102037318906712&correlator=3026057470738423&eid=31072989%2C31073052%2C31073061&output=ldjh&gdfp_req=1&vrg=2023031301&ptt=17&impl=fif&iu_parts=22452847%2CIstoe_Home&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=11&adks=5084546&sfv=1-0-40&sc=1&cookie=ID%3Dfabdfe6c64fbec8b%3AT%3D1678934099%3AS%3DALNI_MYxkP0yjUt7eyIDY4GXHiMsxkCkMw&gpic=UID%3D00000bc69512ac9c%3AT%3D1678934099%3ART%3D1678934099%3AS%3DALNI_MYJBShunzfjmRW-0lCvHQS9azIlaQ&abxe=1&dt=1678934101899&lmt=1678934101&dlt=1678934096045&idt=1402&adxs=176&adys=5866&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=8&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fistoe.com.br%2F&frm=20&vis=1&psz=1248x16&msz=1248x0&fws=4&ohw=1600&ga_vid=1307452278.1678934097&ga_sid=1678934100&ga_hid=1946241729&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bfab5f6878bb0ee77692b700618e82c6482108ce0df3fd540608496376d735c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11173
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://istoe.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6E36 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://istoe.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:34:59 GMT
expires
Fri, 15 Mar 2024 02:34:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
img
pixel.mathtag.com/misc/ Frame 0452 		43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mop_seq=0:1&mt_cb=398014&mop_top=
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=3c146412-8055-4a00-966b-ee3f29a568d0&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 569 46451a0 master cdg-pixel-x31 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=3c146412-8055-4a00-966b-ee3f29a568d0&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 16 Mar 2023 02:35:01 GMT
Server
MT3 569 46451a0 master cdg-pixel-x31 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Thu, 16 Mar 2023 02:35:00 GMT
adunitMapping
webservices.webspectator.com/ Frame C346 		727 B
768 B 		Script
General
Check archive.org
Download Go to
Full URL
https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.192.67.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-67-210.compute-1.amazonaws.com
Software
WildFly/10 / Undertow/1
Resource Hash
4eb4d1d5bedb6805642bcdd713d83f53d23909bcb267fb84b2e48f8115e43019

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:01 GMT
Content-Encoding
gzip
Server
WildFly/10
X-Powered-By
Undertow/1
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
X-NoCache
true
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 GMT
img
pixel.mathtag.com/comp/ Frame 0452 		0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=3c146412-8055-4a00-966b-ee3f29a568d0&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 569 46451a0 master cdg-pixel-x26 config:1.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=3c146412-8055-4a00-966b-ee3f29a568d0&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 16 Mar 2023 02:35:01 GMT
Server
MT3 569 46451a0 master cdg-pixel-x26 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Thu, 16 Mar 2023 02:35:00 GMT
rs
ad4m.at/ Frame 3020 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6137519b23512fb824399e27cab378499f19343851a2bc4b1f226a8790211b9

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yAXaoa%2BHyIrpi0yDglCpi1rDv4%2BbOmD0%2FJ9mu6QBg38wROQr%2BL7jBt3HgZr7n7iCf89CB5A5TpWjOwKH9%2B%2BI5%2Bfm7bBN%2FBTcQah9zNwZAMlwAUhovLUHasu0xLGo56fOM8NBxk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7a8999b959739295-FRA
x-backend-server
aa-reachservice-group-europe-west1-8tkt
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a8999b929609295-FRA
content-length
24
content-type
text/plain
date
Thu, 16 Mar 2023 02:35:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwAoZx6bWpI6lqMKEP%2F5hp5MDLnycbDV0j9f3LmXoiQ1mwd1d4nVKXrg0kwdtx3z8EjFGfZbRqbO4qZkyIe5RTDpQaeLpmhIfR%2BGvBn4qiXKXkYMm95G0ApKuDBAhjDSqDEV7wE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-8tkt
adview
securepubads.g.doubleclick.net/pagead/ Frame 7D55 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CM2DLVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSCAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4CbCNLD2qnGdpW0MwBwdLRaaVR-NMMyRo_VeUsXiAexA_8R4Homh-AEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NjYzNzUzNDY3OTk5NTk0GIewDg&sigh=9Df9nlh4mbs&uach_m=[UACH]&cid=CAQSPADUE5ymtFh8PMpYLV_FxM_F4B5YQHqqmBU_Zf8psNskRpvNItmbBH7CAlXo3Xo8828mO0NukS3evi_XlRgB
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 7D55 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jdjg1srmjxergtbc3rf0xvbhvvq4yzwkdvhjjgj7wrfsvqrqcy8r522g7v7h06jpk6f5ejayjtt7e0qs5s8fzab44xqsgzhtb210tkdd1j2jdd4ddz9gfz4717793hnyebdqj1nycxsrnxbestb6yaggdypfnj32zq7ke5myaqshmc866mym327ecp89k6skq9dbv51r0krexrd2jerfz9vnh48fs9t677heg3xnm93srd39swepapjpxz8d3vxnmatkwpd22sa4b4abwpa5t7c74mrs39sjgnv317mth8qemdxc4n4e6g2jyag0wb3s80p174e74qe35a8b42x9r342b8bman9swg0nqgd7z70erq54k53389tc7p2xg8qaqbkjvnwfm7f13r&b=ZBKAVQAIMbYK4AqNAAYj3QcYNDg0fxa__7JGNQ
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Mar 2023 02:35:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 73A8 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jknb8d1qvdc9hnxr0jfwhzz0xva55vm0fkayd9k8e8xe4j85h9ss27vq5wj9ther6t49f266sy26zx3v8ds8kgxmtd8g2yxgxnshyh7e9p1fmxv4ncsqctapv9k3wck4rgg3a0rfakh2fk45vetpzx04yzfvxbdh082g3d0zd4qa0744kt2vmy8dzkr8gb27x3cj9gngxp6e0aj2wnzgbdr8ek9fjnckbfx9qjf0y5bk55cqr7s4hy9nvgj33pbafm0mf6a7c52yj1rrbj6na9b330wh7xag25q91vc7jheejhqabwx9apaks5btvpjt4m1p5pkw59r87pn8c8rpdwjr375jdc83rczrpt8sw0zg3zv62mjszw0hfwm3d3pbp51ekgq7xtkfnwdadb07m8j69x0xjvjqmg10jtc7mj35rnnb6cfn3jf04p5c5zccn88mwndxg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIcIfVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSFAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4DZCvNRDVBBNl0ze5aqPSaoUEB0mckcXlJVuwKFcJOvL-fEPOVmT57nteAEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-Or66cd7sSfL0C0ihoipdMfswLQ%26client%3Dca-pub-4663753467999594%26adurl%3D
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32691b1ddb86afce3ca38147476525191fae65f4a47c2adb775604d83a6157b3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a8999b95a879213-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:35:01 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 7D55 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/window_focus_fy2021.js
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 22:31:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
14631
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Mar 2023 22:31:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3152 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51100
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Mar 2023 12:23:21 GMT
etag
48472445140208031
expires
Thu, 16 Mar 2023 12:23:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 7D55 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9161954861bb1fd7d5044d99f9ce04137b3836979ce8c5c75d224642f57c3f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 18:10:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
30269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8559
x-xss-protection
0
server
cafe
etag
11326455550778179109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Mar 2023 18:10:32 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7D55 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 10:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
575012
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 08 Mar 2024 10:51:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7D55 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Mar 2023 02:35:01 GMT
pvClk.min.js
analytics.webgains.io/ Frame 6DA3 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j4ca0zxhgtab8sh1xapdbmngwgd377pvmg98vr2r65j72y7zvq6gy9zz1zyhx82wqx7a12yawgdvmk9vfybky27kd1vzrzbq8z12yfb9x9r23qy4e2swj28tw5nedzn9nzs9shdb746rs2gz1na0z646esyc10cn22wass6hd2gaqddv5qwghcrqcpre5e9x7fa7rwham410cykm9nj4576wf931811k50q6gwgx76xa96yfr51xq7mqppq1dg0519fy%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kz9c904epy01zzg2d0zamjzmdn9qxncctnp9mbqkva43fc7dx3nwm2x4r9qk8ben4v2pky3s6vxb80h2a4qhk17080472w5y4y13scp7y82jf9bx0aq4mn42eh3df93e63jw88syhvzgzwjtfr51sd6n5wryn4y22w501vghf6t7f7sej7a9ca8d7fcmch8c46eq192a028e0a8vrw0d46e7291dgqb0f9td21n5q12hswpmeh4cekfdg02xbm5svv1sre5gd2hb7tjyvpwe7w1%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_Cj5VIASZPm9OIrQgAeQqK2oA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_QAd2LJOOOnqgkFMSbiMaukxvt8ZPXCDXdilCKZ9AAFAfxolbWpuWJrB8Ic67iSMW8ztUC_TebhLRp6SVIMr92MusQfdQ8q8YG8BPKw595FA08thWJLoYK1A0zVKJFlgKxuFgZ3R61gYXlb3J7h_hmKst4-vPuW42PuiRMFr0hRrHx1ZDIa6MUNjWTQWwp-yAPu51ab46Ezd93h1VcbuTZYgIGnmbxOiCvcTY9JysZZ34obeXJvpeh1oOctauNsu5H9MO9vgX2HCq5e4SH8Xym342nzlJ7-2StG9rHNmELdVv-WshtJRs6i473kfNHE_aAYQcwyz3K4jTGltKYxFXgBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1-0bIM517TruYWEzUEr2gX30cMFg%252526client%25253Dca-pub-4663753467999594%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:26:36 GMT
content-encoding
gzip
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
last-modified
Wed, 08 Mar 2023 12:12:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
32907
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
x_PiLCBJPzrX24AxOU3B2I_XXUHRYkNPEdzDwdAnf84mnW5x-OnIIg==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 6DA3 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1678934401&Signature=JPnfnyWMoAoNE38O3phm8Jg8X1h4hXCvz8qabNezRJI~PrYfZSEFzYm4nAsEFUOi6cseh3ZozWwPvPg1WxCXApyKeraXuIM6KNRal--v2y4qEX8Kb4DfzEXJMzTQl72dyhByPJ~eraYF~OUrcGmn1FEj5O15ipxPhiw43NPIYmscyWWNtMLsPNExr2QYOzc5VHDSaJha9WtB1ZPUs8w8GF8LyyFTytRg0-xtOR4vtpx3xoiEyd2lIPAMjLWNg9aAwF1HWII5dBnngCUTbQW91U5Wd~kE~cffF8tHeEHivYqjXeaw4qOM3aVo61JMWOwAMijLHiHs9PR1EhIwYH5NtA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C188429%2C197862&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=90&e=&g=7c690a3cdd766b61e9925b3172d84479%2F13427897391999105021&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934101730&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kz9c904epy01zzg2d0zamjzmdn9qxncctnp9mbqkva43fc7dx3nwm2x4r9qk8ben4v2pky3s6vxb80h2a4qhk17080472w5y4y13scp7y82jf9bx0aq4mn42eh3df93e63jw88syhvzgzwjtfr51sd6n5wryn4y22w501vghf6t7f7sej7a9ca8d7fcmch8c46eq192a028e0a8vrw0d46e7291dgqb0f9td21n5q12hswpmeh4cekfdg02xbm5svv1sre5gd2hb7tjyvpwe7w1%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Cj5VIASZPm9OIrQgAeQqK2oA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_QAd2LJOOOnqgkFMSbiMaukxvt8ZPXCDXdilCKZ9AAFAfxolbWpuWJrB8Ic67iSMW8ztUC_TebhLRp6SVIMr92MusQfdQ8q8YG8BPKw595FA08thWJLoYK1A0zVKJFlgKxuFgZ3R61gYXlb3J7h_hmKst4-vPuW42PuiRMFr0hRrHx1ZDIa6MUNjWTQWwp-yAPu51ab46Ezd93h1VcbuTZYgIGnmbxOiCvcTY9JysZZ34obeXJvpeh1oOctauNsu5H9MO9vgX2HCq5e4SH8Xym342nzlJ7-2StG9rHNmELdVv-WshtJRs6i473kfNHE_aAYQcwyz3K4jTGltKYxFXgBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1-0bIM517TruYWEzUEr2gX30cMFg%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-94.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 15 Mar 2023 21:11:44 GMT
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
19399
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15054
x-amz-cf-id
19E2kuehJ_QZiO_QEIgrp7YiljUkk1IRCBZVc7mKqpsoIFwH6KQIUw==
default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 73A8 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jknb8d1qvdc9hnxr0jfwhzz0xva55vm0fkayd9k8e8xe4j85h9ss27vq5wj9ther6t49f266sy26zx3v8ds8kgxmtd8g2yxgxnshyh7e9p1fmxv4ncsqctapv9k3wck4rgg3a0rfakh2fk45vetpzx04yzfvxbdh082g3d0zd4qa0744kt2vmy8dzkr8gb27x3cj9gngxp6e0aj2wnzgbdr8ek9fjnckbfx9qjf0y5bk55cqr7s4hy9nvgj33pbafm0mf6a7c52yj1rrbj6na9b330wh7xag25q91vc7jheejhqabwx9apaks5btvpjt4m1p5pkw59r87pn8c8rpdwjr375jdc83rczrpt8sw0zg3zv62mjszw0hfwm3d3pbp51ekgq7xtkfnwdadb07m8j69x0xjvjqmg10jtc7mj35rnnb6cfn3jf04p5c5zccn88mwndxg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIcIfVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSFAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4DZCvNRDVBBNl0ze5aqPSaoUEB0mckcXlJVuwKFcJOvL-fEPOVmT57nteAEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-Or66cd7sSfL0C0ihoipdMfswLQ%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jknb8d1qvdc9hnxr0jfwhzz0xva55vm0fkayd9k8e8xe4j85h9ss27vq5wj9ther6t49f266sy26zx3v8ds8kgxmtd8g2yxgxnshyh7e9p1fmxv4ncsqctapv9k3wck4rgg3a0rfakh2fk45vetpzx04yzfvxbdh082g3d0zd4qa0744kt2vmy8dzkr8gb27x3cj9gngxp6e0aj2wnzgbdr8ek9fjnckbfx9qjf0y5bk55cqr7s4hy9nvgj33pbafm0mf6a7c52yj1rrbj6na9b330wh7xag25q91vc7jheejhqabwx9apaks5btvpjt4m1p5pkw59r87pn8c8rpdwjr375jdc83rczrpt8sw0zg3zv62mjszw0hfwm3d3pbp51ekgq7xtkfnwdadb07m8j69x0xjvjqmg10jtc7mj35rnnb6cfn3jf04p5c5zccn88mwndxg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIcIfVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSFAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4DZCvNRDVBBNl0ze5aqPSaoUEB0mckcXlJVuwKFcJOvL-fEPOVmT57nteAEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-Or66cd7sSfL0C0ihoipdMfswLQ%26client%3Dca-pub-4663753467999594%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1677666448
age
57690
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 10:28:06 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1677666486645030
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nd3%2BMneL2Kd1HF6jmyZYkwFt0La3E%2F70yv9XO2x95gRRiCOZlydgIjaccUe1uyXF1xj4pWQ7Up2xllCI2SPAhXLdqq%2Bx4ztWXzdRdGT5o7dENoyvmus1VPVjcdnXTIOxcXwMASQHVUU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7a8999b98a999213-FRA
expires
Thu, 16 Mar 2023 03:35:02 GMT
r62eglto.js
ad4m.at/ Frame 73A8 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jknb8d1qvdc9hnxr0jfwhzz0xva55vm0fkayd9k8e8xe4j85h9ss27vq5wj9ther6t49f266sy26zx3v8ds8kgxmtd8g2yxgxnshyh7e9p1fmxv4ncsqctapv9k3wck4rgg3a0rfakh2fk45vetpzx04yzfvxbdh082g3d0zd4qa0744kt2vmy8dzkr8gb27x3cj9gngxp6e0aj2wnzgbdr8ek9fjnckbfx9qjf0y5bk55cqr7s4hy9nvgj33pbafm0mf6a7c52yj1rrbj6na9b330wh7xag25q91vc7jheejhqabwx9apaks5btvpjt4m1p5pkw59r87pn8c8rpdwjr375jdc83rczrpt8sw0zg3zv62mjszw0hfwm3d3pbp51ekgq7xtkfnwdadb07m8j69x0xjvjqmg10jtc7mj35rnnb6cfn3jf04p5c5zccn88mwndxg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIcIfVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSFAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4DZCvNRDVBBNl0ze5aqPSaoUEB0mckcXlJVuwKFcJOvL-fEPOVmT57nteAEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-Or66cd7sSfL0C0ihoipdMfswLQ%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
132565
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgTRW%2BsrZ3CS49Lyhap1IweG%2BAzoN2kkdkBh8b5l%2FYBXYvwEQL%2B6Ul9dBRbz9fYP0rvQ1gdAL97QVzc2MhdOKHBOxR7kASu9PTSXUmYaBKpe8S2thMwZKtZc8EpZzQki0bEN2JI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7a8999b98a9b9213-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 14 Mar 2023 13:45:37 GMT
truncated
/ Frame 7D55 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1285418564ad994095d4818a7f67d208215b4674b1c2c3ced46fe691eb6f3cf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
rar
as.ad4m.at/ad/ Frame 31EB 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=183975&b=Z28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=50&e=&g=cd1fb562a5c28a206adb2f621606ffec%2F12969081154049086728&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934102002&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kw2v85m5xpjr2ywr1z63batqxjr7se1q050nq2c803qdb8petef495yd83rxz6p54p6an3rk8w13c0nr1ephp70t766b0f19m3pbn75qc7mkhvge82essvm9ykmrc974bahsaxhndkwjz8cchgw2nba68gb89k5k9e5e6b727rah696z8z32s4ec9tbaxg2ffqqe1b477m36zw7dh5j87sh42g5q6f5nyeqw14smr0p6whpa60zs9h28nmr6y761qdz33xxxcqp2cwj26d0fqwe%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1PsgVYASZMPXFtPl7gOmtYSIDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_Q7KJpvZhMgEubt9hAermc6GrbdHIM1pm8a1K-2TI0EQLg4DH6JMTjB1_XbCsEy65MkF9VLvZ-AepGxjtuiYjUut4GZTZsO2niciZJNqJbhYdbu8Br24a-6Z1LsumTq-cJSUkaF6PlsQRrVYfkm2sF6xytxlo8fuWswthrnVVr6zTJdHiaAuJzuw-VsPrFZ4fuYMqkwOAB-DmmB37--yVDV4YxLMQeJWUXmx_nyxZ40BE4uF3qveoCCxUZr92k7j0yGd2pD9vpXykMxHUGlM8JTylQGqSJRAxw9QU0kFZz7LtAs6eIB77MbHE4ZXbta0pmWUYcSzpCcNsgI8RcrLzgBAGABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2-SAun4UsMWBuXvTgeIAvi4nR7uw%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
130424464126de3f030995d9c9e4cab9dd45ed63918f4fd2bcd7216048487834
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1g294dxd48kkn0mscv844628xc0bsmfgwp61vwzpj3dn90essn44h41jyxzgfx788zpvx4e0zdt7hxq2j5n5z6t4fafgv2jb5bcx8wdd4g03xhfct2j884s1n1af6qr5t3wkm722y3d6rtxb52gpytc3v0zyeejqmetcw0d62d9nhkjbs7ew11zh7yt0zb4p2fk0d8v9b0ky2nge1npw4kay8dyjekb80ensaxt03ka9nydwr62psy7x8vxn7s5v20n28v6vvqhs013rrmg7gptne7hxq078gm4yzhnhad5hg0wbzqznjeezbcbned3kbtxqv43yqnbngm0skmm51zk7ms0ntck9y9b6aqzk4a2wvte3zrt9yy7x177599ptpm4nnna4c88efmwyqpv8qd5s6dbng2m6yt9gfkfwwv5gvwq8bmnb2vt20gqq2a52vkd01cd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1PsgVYASZMPXFtPl7gOmtYSIDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_Q7KJpvZhMgEubt9hAermc6GrbdHIM1pm8a1K-2TI0EQLg4DH6JMTjB1_XbCsEy65MkF9VLvZ-AepGxjtuiYjUut4GZTZsO2niciZJNqJbhYdbu8Br24a-6Z1LsumTq-cJSUkaF6PlsQRrVYfkm2sF6xytxlo8fuWswthrnVVr6zTJdHiaAuJzuw-VsPrFZ4fuYMqkwOAB-DmmB37--yVDV4YxLMQeJWUXmx_nyxZ40BE4uF3qveoCCxUZr92k7j0yGd2pD9vpXykMxHUGlM8JTylQGqSJRAxw9QU0kFZz7LtAs6eIB77MbHE4ZXbta0pmWUYcSzpCcNsgI8RcrLzgBAGABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2-SAun4UsMWBuXvTgeIAvi4nR7uw%26client%3Dca-pub-4663753467999594%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a8999b9bab29213-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:35:02 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
i.match
a.tribalfusion.com/ Frame 3152 		43 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESELLNEKg5eK5X3oSgLJHuwpU&google_cver=1&google_push=Aa02lx_Z2-0YgWCYXnHFe97ae9bCkbqCwOKC_R6NU43eyMDFpdsw27yPvyJWHa5kp2V0PvuwPROmnQfYzNq3yzuJUzC49mRhhnMa88g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_Z2-0YgWCYXnHFe97ae9bCkbqCwOKC_R6NU43eyMDFpdsw27yPvyJWHa5kp2V0PvuwPROmnQfYzNq3yzuJUzC49mRhhnMa88g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:02 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a8999b9cb749010-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3152
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEMBeRjSBEzF5OgSmxThLHlY&google_cver=1&google_push=Aa02lx9UzgVPSvv0onwioxKO5GVMXhxnYTPM7_56KcilsmtFwzt-i78dEeR9zd8CEnU0xxEeVHSPfM8XhHPmxXYeG3WJqLjxDkZv4uY
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8ACA06350D24CF5A364B7DEDB2460F0&google_push=Aa02lx9UzgVPSvv0onwioxKO5GVMXhxnYTPM7_56KcilsmtFwzt-i78dEeR9zd8CEnU0xxEeVHSPfM8XhHPmxXY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8ACA06350D24CF5A364B7DEDB2460F0&google_push=Aa02lx9UzgVPSvv0onwioxKO5GVMXhxnYTPM7_56KcilsmtFwzt-i78dEeR9zd8CEnU0xxEeVHSPfM8XhHPmxXYeG3WJqLjxDkZv4uY
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 16 Mar 2023 02:35:02 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8ACA06350D24CF5A364B7DEDB2460F0&google_push=Aa02lx9UzgVPSvv0onwioxKO5GVMXhxnYTPM7_56KcilsmtFwzt-i78dEeR9zd8CEnU0xxEeVHSPfM8XhHPmxXYeG3WJqLjxDkZv4uY
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 15 Mar 2023 02:35:02 GMT
pixel
cm.g.doubleclick.net/ Frame 3152
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGTzDEZTDv90a38cJwFw8nI&google_cver=1&google_push=Aa02lx_TXxzJoIKZBee0uZRtSncYOiImIvs-rkXuKQFknUFhj05fUKMKIC-eL6eh5eew9MzDaF1v8xC_45k...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_TXxzJoIKZBee0uZRtSncYOiImIvs-rkXuKQFknUFhj05fUKMKIC-eL6eh5eew9MzDaF1v8xC_45k8ATuhBS5fQhW0eZHsiRk&google_hm=ByENoGx2RMqXwURk2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_TXxzJoIKZBee0uZRtSncYOiImIvs-rkXuKQFknUFhj05fUKMKIC-eL6eh5eew9MzDaF1v8xC_45k8ATuhBS5fQhW0eZHsiRk&google_hm=ByENoGx2RMqXwURk2vgpLY0
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:02 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_TXxzJoIKZBee0uZRtSncYOiImIvs-rkXuKQFknUFhj05fUKMKIC-eL6eh5eew9MzDaF1v8xC_45k8ATuhBS5fQhW0eZHsiRk&google_hm=ByENoGx2RMqXwURk2vgpLY0
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3152
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEI-Zy5h64n_RSir9zAFOQjY&google_cver=1&google_push=Aa02lx8M3eUgMhw325Zd82mtqwmF3Whog4wOC2kAALm_G5q2HATjRfvh1U36nKRLimkq3R-mu9ozYMeuhtK0TF...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMDk2NzA1NTk0MzU5NjE4NQ%3D%3D&google_push=Aa02lx8M3eUgMhw325Zd82mtqwmF3Whog4wOC2kAALm_G5q2HATjRfvh1U36nKRLimkq3R-mu9ozYMeuhtK0TFsVFJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMDk2NzA1NTk0MzU5NjE4NQ%3D%3D&google_push=Aa02lx8M3eUgMhw325Zd82mtqwmF3Whog4wOC2kAALm_G5q2HATjRfvh1U36nKRLimkq3R-mu9ozYMeuhtK0TFsVFJ0oyjg5wI2hhZw
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMDk2NzA1NTk0MzU5NjE4NQ%3D%3D&google_push=Aa02lx8M3eUgMhw325Zd82mtqwmF3Whog4wOC2kAALm_G5q2HATjRfvh1U36nKRLimkq3R-mu9ozYMeuhtK0TFsVFJ0oyjg5wI2hhZw
Date
Thu, 16 Mar 2023 02:35:02 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 3152
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHDfcIaEAAEnDscBpDYTEYs&google_cver=1&google_push=Aa02lx9CjXAaBpBpWRrKRiet7WZEvg7t3dDquwcRT68ChmqSmHtczt-9Ve7yvSuCPYcBt31H7c_z_EAWC33Ilfzce2cd...
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329524710691937&expires=30&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9CjXAaBpBpWRrKRiet7WZEvg7t3dDquwcRT68ChmqSmHtczt-9Ve7yvSuCPYcBt31H7c_z_EAWC33Ilfzce2cd9TwfjsQ19Rg&google_hm=61oV0SubRpeZ0qD2sK8L...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9CjXAaBpBpWRrKRiet7WZEvg7t3dDquwcRT68ChmqSmHtczt-9Ve7yvSuCPYcBt31H7c_z_EAWC33Ilfzce2cd9TwfjsQ19Rg&google_hm=61oV0SubRpeZ0qD2sK8LDA==
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9CjXAaBpBpWRrKRiet7WZEvg7t3dDquwcRT68ChmqSmHtczt-9Ve7yvSuCPYcBt31H7c_z_EAWC33Ilfzce2cd9TwfjsQ19Rg&google_hm=61oV0SubRpeZ0qD2sK8LDA==
date
Thu, 16 Mar 2023 02:35:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3152
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEI5ks1LqCig4iYCZL3TMt7Q&google_cver=1&google_push=Aa02lx_tK56n9RTm-XmkiOopFwjg8J5DmN-kaH3qE59l3He3ugbCy9erzd25epiKDCoXNUjfamV8mvlPe93I...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_tK56n9RTm-XmkiOopFwjg8J5DmN-kaH3qE59l3He3ugbCy9erzd25epiKDCoXNUjfamV8mvlPe93IdRjK6p6jsG5Pn1iBkw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_tK56n9RTm-XmkiOopFwjg8J5DmN-kaH3qE59l3He3ugbCy9erzd25epiKDCoXNUjfamV8mvlPe93IdRjK6p6jsG5Pn1iBkw
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_tK56n9RTm-XmkiOopFwjg8J5DmN-kaH3qE59l3He3ugbCy9erzd25epiKDCoXNUjfamV8mvlPe93IdRjK6p6jsG5Pn1iBkw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
report
sync.teads.tv/um/ Frame 3152
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJnIis-XYbXTwgFSCG8-YDM&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx9gvHhzR2WZFNTPaO3se6l8cZoyyBBlsqMTHsVFe6ylaaDGXwKoHeHd_DxEv1a4Wwz_a_eQTuF-7FQNfGBNwQeGKT7ySglsUdiM
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires
Thu, 16 Mar 2023 02:35:02 GMT
pragma
no-cache
date
Thu, 16 Mar 2023 02:35:02 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3152 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L-xPILe906EqXbTSQnCD9xUCrZweQEoLBFA6qz1P9-QMgEBsb55q-BPX-FNEQiebW17ktLSw
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 73A8 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2741
x-guploader-uploadid
ADPycds1SLdGXbfm0r3qDGy8sfwZXQfpj1kJA4sERetf1LIRiVzV7g41c7a-EwZMzWmu5dxBmhh2VgdQIymIU8Old3wWOUTyb-2i
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Ecb9JhSWCsfg%2FNzNidXL7iqra2ug3h7SF8BHf2LYfuOKpFUuXoQRSmXKPss1SA7mrkKl9xEUfb%2BNTi0GtEyoQBc0Rmmk1UfyBdwCXgJODsDjqwJG4FrmVD7XPXWjYmktvpHPcji8f19K5WcJNoMrGoP"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7a8999b9ff282c4f-FRA
expires
Thu, 16 Mar 2023 02:18:59 GMT
ws-ad.js
wfpscripts.webspectator.com/ Frame C346 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 31EB 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975&b=Z28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=50&e=&g=cd1fb562a5c28a206adb2f621606ffec%2F12969081154049086728&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934102002&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kw2v85m5xpjr2ywr1z63batqxjr7se1q050nq2c803qdb8petef495yd83rxz6p54p6an3rk8w13c0nr1ephp70t766b0f19m3pbn75qc7mkhvge82essvm9ykmrc974bahsaxhndkwjz8cchgw2nba68gb89k5k9e5e6b727rah696z8z32s4ec9tbaxg2ffqqe1b477m36zw7dh5j87sh42g5q6f5nyeqw14smr0p6whpa60zs9h28nmr6y761qdz33xxxcqp2cwj26d0fqwe%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1PsgVYASZMPXFtPl7gOmtYSIDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_Q7KJpvZhMgEubt9hAermc6GrbdHIM1pm8a1K-2TI0EQLg4DH6JMTjB1_XbCsEy65MkF9VLvZ-AepGxjtuiYjUut4GZTZsO2niciZJNqJbhYdbu8Br24a-6Z1LsumTq-cJSUkaF6PlsQRrVYfkm2sF6xytxlo8fuWswthrnVVr6zTJdHiaAuJzuw-VsPrFZ4fuYMqkwOAB-DmmB37--yVDV4YxLMQeJWUXmx_nyxZ40BE4uF3qveoCCxUZr92k7j0yGd2pD9vpXykMxHUGlM8JTylQGqSJRAxw9QU0kFZz7LtAs6eIB77MbHE4ZXbta0pmWUYcSzpCcNsgI8RcrLzgBAGABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2-SAun4UsMWBuXvTgeIAvi4nR7uw%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=183975&b=Z28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=50&e=&g=cd1fb562a5c28a206adb2f621606ffec%2F12969081154049086728&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934102002&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kw2v85m5xpjr2ywr1z63batqxjr7se1q050nq2c803qdb8petef495yd83rxz6p54p6an3rk8w13c0nr1ephp70t766b0f19m3pbn75qc7mkhvge82essvm9ykmrc974bahsaxhndkwjz8cchgw2nba68gb89k5k9e5e6b727rah696z8z32s4ec9tbaxg2ffqqe1b477m36zw7dh5j87sh42g5q6f5nyeqw14smr0p6whpa60zs9h28nmr6y761qdz33xxxcqp2cwj26d0fqwe%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1PsgVYASZMPXFtPl7gOmtYSIDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_Q7KJpvZhMgEubt9hAermc6GrbdHIM1pm8a1K-2TI0EQLg4DH6JMTjB1_XbCsEy65MkF9VLvZ-AepGxjtuiYjUut4GZTZsO2niciZJNqJbhYdbu8Br24a-6Z1LsumTq-cJSUkaF6PlsQRrVYfkm2sF6xytxlo8fuWswthrnVVr6zTJdHiaAuJzuw-VsPrFZ4fuYMqkwOAB-DmmB37--yVDV4YxLMQeJWUXmx_nyxZ40BE4uF3qveoCCxUZr92k7j0yGd2pD9vpXykMxHUGlM8JTylQGqSJRAxw9QU0kFZz7LtAs6eIB77MbHE4ZXbta0pmWUYcSzpCcNsgI8RcrLzgBAGABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2-SAun4UsMWBuXvTgeIAvi4nR7uw%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1677666448
age
57690
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 10:28:06 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1677666486645030
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hfujmH9QI2AoaczFqPPnTAI5%2Bkuq%2F5WBIR3zylfMfxd4u4%2FiYXnIk4%2FimHXQ7zBwWHZAp98G30AEInoR4pgsaRtk3KUw8FIYRnGaVfK%2BgNKuiXhiKli1yMkewu7V6QsFYnEAagRwoiE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7a8999ba1ad79213-FRA
expires
Thu, 16 Mar 2023 03:35:02 GMT
F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 31EB 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975&b=Z28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=50&e=&g=cd1fb562a5c28a206adb2f621606ffec%2F12969081154049086728&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934102002&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kw2v85m5xpjr2ywr1z63batqxjr7se1q050nq2c803qdb8petef495yd83rxz6p54p6an3rk8w13c0nr1ephp70t766b0f19m3pbn75qc7mkhvge82essvm9ykmrc974bahsaxhndkwjz8cchgw2nba68gb89k5k9e5e6b727rah696z8z32s4ec9tbaxg2ffqqe1b477m36zw7dh5j87sh42g5q6f5nyeqw14smr0p6whpa60zs9h28nmr6y761qdz33xxxcqp2cwj26d0fqwe%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1PsgVYASZMPXFtPl7gOmtYSIDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_Q7KJpvZhMgEubt9hAermc6GrbdHIM1pm8a1K-2TI0EQLg4DH6JMTjB1_XbCsEy65MkF9VLvZ-AepGxjtuiYjUut4GZTZsO2niciZJNqJbhYdbu8Br24a-6Z1LsumTq-cJSUkaF6PlsQRrVYfkm2sF6xytxlo8fuWswthrnVVr6zTJdHiaAuJzuw-VsPrFZ4fuYMqkwOAB-DmmB37--yVDV4YxLMQeJWUXmx_nyxZ40BE4uF3qveoCCxUZr92k7j0yGd2pD9vpXykMxHUGlM8JTylQGqSJRAxw9QU0kFZz7LtAs6eIB77MbHE4ZXbta0pmWUYcSzpCcNsgI8RcrLzgBAGABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2-SAun4UsMWBuXvTgeIAvi4nR7uw%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116960
cf-polished
origFmt=png, origSize=233620
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
130162
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:10:51 GMT
server
cloudflare
etag
"d1d171dd651522f41a2fc0dba256a546"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqledKgUhKhhacv0iiaJ%2FfBwVDgCFxNZBTxHPexPIlB945OuH2SomSTBHTrUtHuvWYFhvdVsk06bIOqGB9qL1wn9yh8Kx7qIK5h7Vw9FBkozqMDfYezQ6B9uaUjyP6MCO3jy2%2BDK%2BrMFwH9B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999ba1ad89213-FRA
expires
Fri, 17 Mar 2023 02:35:02 GMT
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 31EB 		461 KB
461 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975&b=Z28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=50&e=&g=cd1fb562a5c28a206adb2f621606ffec%2F12969081154049086728&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934102002&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kw2v85m5xpjr2ywr1z63batqxjr7se1q050nq2c803qdb8petef495yd83rxz6p54p6an3rk8w13c0nr1ephp70t766b0f19m3pbn75qc7mkhvge82essvm9ykmrc974bahsaxhndkwjz8cchgw2nba68gb89k5k9e5e6b727rah696z8z32s4ec9tbaxg2ffqqe1b477m36zw7dh5j87sh42g5q6f5nyeqw14smr0p6whpa60zs9h28nmr6y761qdz33xxxcqp2cwj26d0fqwe%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1PsgVYASZMPXFtPl7gOmtYSIDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_Q7KJpvZhMgEubt9hAermc6GrbdHIM1pm8a1K-2TI0EQLg4DH6JMTjB1_XbCsEy65MkF9VLvZ-AepGxjtuiYjUut4GZTZsO2niciZJNqJbhYdbu8Br24a-6Z1LsumTq-cJSUkaF6PlsQRrVYfkm2sF6xytxlo8fuWswthrnVVr6zTJdHiaAuJzuw-VsPrFZ4fuYMqkwOAB-DmmB37--yVDV4YxLMQeJWUXmx_nyxZ40BE4uF3qveoCCxUZr92k7j0yGd2pD9vpXykMxHUGlM8JTylQGqSJRAxw9QU0kFZz7LtAs6eIB77MbHE4ZXbta0pmWUYcSzpCcNsgI8RcrLzgBAGABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2-SAun4UsMWBuXvTgeIAvi4nR7uw%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1626399
cf-polished
origFmt=png, origSize=731561
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
471752
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:03:31 GMT
server
cloudflare
etag
"1b69278243c107df5b11186b1f6ca585"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfQ4PIu7jBsrTcNSEWWbRY1Kb1oEUgakreppzOEJb9SDpiNpnAYNZYY%2BSgoI6MYu3qravXBNQEo8EwEy2xodiRw6BoxKmx3HECWNPxcw%2BNXauPsa%2BLnmIL%2BPW8ZowW1t1Etf9jTD8VyHbgmQ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999ba6b009213-FRA
expires
Fri, 17 Mar 2023 02:35:02 GMT
frame.html
ad4m.at/ Frame 1BCC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
293467
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7a8999ba5aff9213-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 16 Mar 2023 02:35:02 GMT
expires
Mon, 27 Feb 2023 21:37:06 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkrXlMzxtNJ6RJFlAb5VRHa0F8eviypm4amvzshV2riIHwt2bpof3YQGvnOPMY8aRiIj4d2N%2F0BjRtKoHWSVgWm5rqs3VvaaLeCMe9mg3qU0wi9HIxN6WMlz6YLAr%2BhWxNuPATo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
container.html
3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0BE8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://istoe.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:34:59 GMT
expires
Fri, 15 Mar 2024 02:34:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
SystemPersona
www.dataunion.com.br/Home/ 		37 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dataunion.com.br/Home/SystemPersona
Requested by
Host: www.dataunion.com.br
URL: https://www.dataunion.com.br/6e5a2071-a481-4f87-a09b-4f996121ee30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
187.72.39.252 São Paulo, Brazil, ASN16735 (ALGAR TELECOM SA, BR),
Reverse DNS
www.dataunion.com.br
Software
/
Resource Hash
e72da6c6070859082c40ba44a3a4f6d69a53bc018e0c07ca54a56d764f6f8760

Request headers

Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
gzip
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
content-length
57
SystemTreatment
www.dataunion.com.br/Home/ 		4 B
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dataunion.com.br/Home/SystemTreatment
Requested by
Host: www.dataunion.com.br
URL: https://www.dataunion.com.br/6e5a2071-a481-4f87-a09b-4f996121ee30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
187.72.39.252 São Paulo, Brazil, ASN16735 (ALGAR TELECOM SA, BR),
Reverse DNS
www.dataunion.com.br
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
content-encoding
gzip
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
content-length
24
link.html
track.webgains.com/ Frame 31EB 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g1emt6x4hveq38h0xm53xsn2sde1wc02qzv0kegk6axcywgys23v179h42t8k4sn3pdts6cz48hhyezbhw1d187ryqhaenszrq8h7xerca1sna0me36328ff5xmkq06hchys3xktvcterh0zks4a54ben37rvp0nkvqpac0h2qsccchh1av897x4j25dqnfq99q9kecya554hkn904tk1eej1g5hrd9mfkg3px8y3hwncfapbp0qdc76wmc0pveryrww%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kw2v85m5xpjr2ywr1z63batqxjr7se1q050nq2c803qdb8petef495yd83rxz6p54p6an3rk8w13c0nr1ephp70t766b0f19m3pbn75qc7mkhvge82essvm9ykmrc974bahsaxhndkwjz8cchgw2nba68gb89k5k9e5e6b727rah696z8z32s4ec9tbaxg2ffqqe1b477m36zw7dh5j87sh42g5q6f5nyeqw14smr0p6whpa60zs9h28nmr6y761qdz33xxxcqp2cwj26d0fqwe%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC1PsgVYASZMPXFtPl7gOmtYSIDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_Q7KJpvZhMgEubt9hAermc6GrbdHIM1pm8a1K-2TI0EQLg4DH6JMTjB1_XbCsEy65MkF9VLvZ-AepGxjtuiYjUut4GZTZsO2niciZJNqJbhYdbu8Br24a-6Z1LsumTq-cJSUkaF6PlsQRrVYfkm2sF6xytxlo8fuWswthrnVVr6zTJdHiaAuJzuw-VsPrFZ4fuYMqkwOAB-DmmB37--yVDV4YxLMQeJWUXmx_nyxZ40BE4uF3qveoCCxUZr92k7j0yGd2pD9vpXykMxHUGlM8JTylQGqSJRAxw9QU0kFZz7LtAs6eIB77MbHE4ZXbta0pmWUYcSzpCcNsgI8RcrLzgBAGABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2-SAun4UsMWBuXvTgeIAvi4nR7uw%252526client%25253Dca-pub-4663753467999594%252526adurl%25253D&clickref=oneid9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneidZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975&b=Z28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=50&e=&g=cd1fb562a5c28a206adb2f621606ffec%2F12969081154049086728&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934102002&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kw2v85m5xpjr2ywr1z63batqxjr7se1q050nq2c803qdb8petef495yd83rxz6p54p6an3rk8w13c0nr1ephp70t766b0f19m3pbn75qc7mkhvge82essvm9ykmrc974bahsaxhndkwjz8cchgw2nba68gb89k5k9e5e6b727rah696z8z32s4ec9tbaxg2ffqqe1b477m36zw7dh5j87sh42g5q6f5nyeqw14smr0p6whpa60zs9h28nmr6y761qdz33xxxcqp2cwj26d0fqwe%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1PsgVYASZMPXFtPl7gOmtYSIDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_Q7KJpvZhMgEubt9hAermc6GrbdHIM1pm8a1K-2TI0EQLg4DH6JMTjB1_XbCsEy65MkF9VLvZ-AepGxjtuiYjUut4GZTZsO2niciZJNqJbhYdbu8Br24a-6Z1LsumTq-cJSUkaF6PlsQRrVYfkm2sF6xytxlo8fuWswthrnVVr6zTJdHiaAuJzuw-VsPrFZ4fuYMqkwOAB-DmmB37--yVDV4YxLMQeJWUXmx_nyxZ40BE4uF3qveoCCxUZr92k7j0yGd2pD9vpXykMxHUGlM8JTylQGqSJRAxw9QU0kFZz7LtAs6eIB77MbHE4ZXbta0pmWUYcSzpCcNsgI8RcrLzgBAGABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2-SAun4UsMWBuXvTgeIAvi4nR7uw%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.110.241 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-110-241.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
490e13f989c599b1ec48f135c287703eae89692cf7d573ca82ae339c52d1fffc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
last-modified
Thu, 16 Mar 2023 02:35:02 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 16 Mar 2023 02:36:02 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0BE8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CXD7aVYASZPOwM_Xgx_AP58il0AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSBAk_QZ1_AETdkrhzfclfKtbKewy0r-RCp7BpvyMlkU_csQRrxdUDwH8E5pDKQ7TsAkd2siBzxGXfLm4Cbw2KMNbzpFChu4IHYditfQ7NDCXpo4trBmjfo0wrlgJNJ6Ev6V8dFa9d1WQccCko_PaH25bvM6qy9XC9Owywc7eqrp4nCbUdre9_F1X8QT5cjJ1K7EauXK0O12VMBMxs2JhUNtS59tfgFuWpTR9APCRFBqOtc5UDpgCxa3AJlp3WiXfA7I0opOnBdsHpcSM5oE1PnlDv9hSqJN6CTO4WoTPz-I9Z4uc7yQdZJ4c1rXew2X75ifuNk1f-BTcre1yLO9m8BtvNd4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ2NjM3NTM0Njc5OTk1OTQYh7AO&sigh=oFz5WcSk0Qg&uach_m=[UACH]&cid=CAQSPADUE5ymG9DM25-uMap2Swo8jUg1qO_qUPT0uXuKCRud8pgmYcUUhEVm02zE5A9nNHegLGOPZ7IOIDO7kBgB
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 0BE8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kP79Euv_CsoH-gGdg2ICAgAAAHU6N8dud3yQEFWAEmTJfaB8vQwc900mAAASAAAKDkFRVUJCUVlCQlFFQkJR&wp=ZBKAVQAM2HMIEfB1AAlkZ_9xwddT7hYBjNkCew
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
184356
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame BFE8 		150 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVQAM2HMIEfB1AAlkZ_9xwddT7hYBjNkCew&u=%7CtL5M0cBJr6hUM1OTb3nul9t2gLQ456%2FJKMSvvDk%2FLl4%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-AX3ZVsQJGtw57CEIsnB4xvtzisV2IamoyYEv1G_xfosXphBmvyyeWyLHYscSWQnlN-n8ol_-8rBJfNE9hQ7t8p6M-wzoRjP6MI1XytYNZGZcpQbBu1mDk019XTpzxA0F3xm_LOZiIVwdvebgqO5IebWmPwZ7gwyhp9Oje4AYyrbnKfyGeLRyR3-B5qYHoHy-L5ul2timwYyhI0n_Ar_x-1a5Ps_hL8WZL_sjIy8ZX6eILr-Z_M614usVHFhEJMcAkPrRvWkmnyFe4yJ-vPn6A0CPBKO84wVDG7RvouXE_5fcPZ0eUr0Kn3mWEcReZsyrE4GXr3YSJTKaDEAOA_e-BbjYvTKZ1uzwHtBOX26TPw-UQaVA7xMWVf7JGQkW9NoJDE_M7uW6Ks3LgD3cBXrEI0wk-bUvJv7Ym_fNw9-cMMfl3EB23U2ZRS-zKhxm1uej0Q1SXI8HMTmCgpBjKcO9QU6VhIXg61MGDmfXbgzax187gYGsaqDUWJa2DumDTi3tF7NKLxclI049DHTCd_yRTfPkCfHxyv1j4Ws5hyjxYkdy5LZqNKcB73qKRcNMmGUls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOydXVYASZPOwM_Xgx_AP58il0AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QZ1_AETdkrhzfclfKtbKewy0r-RCp7BpvyMlkU_csQRrxdUDwH8E5pDKQ7TsAkd2siBzxGXfLm4Cbw2KMNbzpFChu4IHYditfQ7NDCXpo4trBmjfo0wrlgJNJ6Ev6V8dFa9d1WQccCko_PaH25bvM6qy9XC9Owywc7eqrp4nCbUdre9_F1X8QT5cjJ1K7EauXK0O12VMBMxs2JhUNtS59tfgFuWpTR9APCRFBqOtc5UDpgCxa3AJlp3WiXfA7I0opOnBdsHpcSM5oE1PnlDv9hSqJN6CTO4WoTL78AkT_NlLh_kpdQh1W-xQ_S7TUdM18V0tJcGwsaDzi7uqrMuDiJ8Rn4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ZxzDPY8B0zZOaUZ2Q4TddrRDzCg%26client%3Dca-pub-4663753467999594%26adurl%3D
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a4089d5c56ae6a3a4ceed8e65e475872081884cfc137a2542d156997466f8c09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:35:01 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=b34X4ZbAYzd9tt7luo2V7jaNB7LzZLJ6jJOPcYajF_aEVmghjfKcG_GSxlR5UCuTVZYXKWJFnm2fHqOxFwWT5Ll2lh6fRX6MCBZoiTB2jW6Ei7E4O8ije1f_Za7rk2zI7EVfEw6aEjvbLIH8wuf9iOf1DZmHZ_VITBNnxr29_qKmOth2RPg8GtApSyABMQhZczDkcl0w6gqH2xeZyJd8du4yradHZL6Lrvk3fqmOfppk8nkPilTH9JgEkcyiEwFYeR7XYA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
49506458
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 0BE8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 22:31:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
14632
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Mar 2023 22:31:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EECF 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Mar 2023 12:23:21 GMT
etag
48472445140208031
expires
Thu, 16 Mar 2023 12:23:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 0BE8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9161954861bb1fd7d5044d99f9ce04137b3836979ce8c5c75d224642f57c3f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 18:10:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
30270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8559
x-xss-protection
0
server
cafe
etag
11326455550778179109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Mar 2023 18:10:32 GMT
l
www.google.com/ads/measurement/ Frame 0BE8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQhaMwlbiqVYppK5Si0IEVf9As4lqi5onV0HESSDfC_5Ig1Pbkypon9UVrGKVy6SX4NrB310Uu6xZBSSKB1ulFFor2roA
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0BE8 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 10:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
575013
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 08 Mar 2024 10:51:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0BE8 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Mar 2023 02:35:02 GMT
adunitMapping
webservices.webspectator.com/ Frame 85ED 		727 B
767 B 		Script
General
Check archive.org
Download Go to
Full URL
https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%7D&w=300&h=600&wsRotSlot=&isda=1
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.192.67.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-67-210.compute-1.amazonaws.com
Software
WildFly/10 / Undertow/1
Resource Hash
6dd9bc6ee0533fd57234b394dd8f94f20dc6c859363d5eea185a0b4991215861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:02 GMT
Content-Encoding
gzip
Server
WildFly/10
X-Powered-By
Undertow/1
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
X-NoCache
true
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rs
ad4m.at/ Frame 73A8 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bda78dc14119f22570204d0b36b92a55815f37baa2b6354a2c087917dbc485ed

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPoFSzClKWylf%2B%2BtMO4OREv71KsXE5Vw%2FERGr2EfLYPv544DQlYe7zX%2Bt0tVGgYXBkqVw9m9DZPD3lsGlh8RYKFkp0bBbg0bNwFDWkD7C0UI0cqbhTZBIStprdBd96R8EfAEGz4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7a8999bb3a809295-FRA
x-backend-server
aa-reachservice-group-europe-west1-8tkt
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a8999bb0a639295-FRA
content-length
24
content-type
text/plain
date
Thu, 16 Mar 2023 02:35:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXBjCvJWPkU7i%2Fiqdqs6I8Zk2l03R89WBAb6Ha3%2BkQd9L%2BMRigACJrfdSNaUSuDewnJPgemB%2Bz5vrs6BoWVF0VP3tEosKIyLiRXN5ClArSzROsH8llH49A614u%2FrXMV0dHIX3Y0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-8tkt
pvClk.min.js
analytics.webgains.io/ Frame 31EB 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g1emt6x4hveq38h0xm53xsn2sde1wc02qzv0kegk6axcywgys23v179h42t8k4sn3pdts6cz48hhyezbhw1d187ryqhaenszrq8h7xerca1sna0me36328ff5xmkq06hchys3xktvcterh0zks4a54ben37rvp0nkvqpac0h2qsccchh1av897x4j25dqnfq99q9kecya554hkn904tk1eej1g5hrd9mfkg3px8y3hwncfapbp0qdc76wmc0pveryrww%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kw2v85m5xpjr2ywr1z63batqxjr7se1q050nq2c803qdb8petef495yd83rxz6p54p6an3rk8w13c0nr1ephp70t766b0f19m3pbn75qc7mkhvge82essvm9ykmrc974bahsaxhndkwjz8cchgw2nba68gb89k5k9e5e6b727rah696z8z32s4ec9tbaxg2ffqqe1b477m36zw7dh5j87sh42g5q6f5nyeqw14smr0p6whpa60zs9h28nmr6y761qdz33xxxcqp2cwj26d0fqwe%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC1PsgVYASZMPXFtPl7gOmtYSIDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_Q7KJpvZhMgEubt9hAermc6GrbdHIM1pm8a1K-2TI0EQLg4DH6JMTjB1_XbCsEy65MkF9VLvZ-AepGxjtuiYjUut4GZTZsO2niciZJNqJbhYdbu8Br24a-6Z1LsumTq-cJSUkaF6PlsQRrVYfkm2sF6xytxlo8fuWswthrnVVr6zTJdHiaAuJzuw-VsPrFZ4fuYMqkwOAB-DmmB37--yVDV4YxLMQeJWUXmx_nyxZ40BE4uF3qveoCCxUZr92k7j0yGd2pD9vpXykMxHUGlM8JTylQGqSJRAxw9QU0kFZz7LtAs6eIB77MbHE4ZXbta0pmWUYcSzpCcNsgI8RcrLzgBAGABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2-SAun4UsMWBuXvTgeIAvi4nR7uw%252526client%25253Dca-pub-4663753467999594%252526adurl%25253D&clickref=oneid9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneidZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:26:36 GMT
content-encoding
gzip
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
last-modified
Wed, 08 Mar 2023 12:12:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
32907
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
Ay055wJxxqWJM-ucUXNpVQcyYYztFq4efy8srNlF_tPbGI01BwoKkw==
link.html
track.webgains.com/ Frame 31EB 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&wglinkid=2194035
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975&b=Z28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=50&e=&g=cd1fb562a5c28a206adb2f621606ffec%2F12969081154049086728&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934102002&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kw2v85m5xpjr2ywr1z63batqxjr7se1q050nq2c803qdb8petef495yd83rxz6p54p6an3rk8w13c0nr1ephp70t766b0f19m3pbn75qc7mkhvge82essvm9ykmrc974bahsaxhndkwjz8cchgw2nba68gb89k5k9e5e6b727rah696z8z32s4ec9tbaxg2ffqqe1b477m36zw7dh5j87sh42g5q6f5nyeqw14smr0p6whpa60zs9h28nmr6y761qdz33xxxcqp2cwj26d0fqwe%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1PsgVYASZMPXFtPl7gOmtYSIDJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSAAk_Q7KJpvZhMgEubt9hAermc6GrbdHIM1pm8a1K-2TI0EQLg4DH6JMTjB1_XbCsEy65MkF9VLvZ-AepGxjtuiYjUut4GZTZsO2niciZJNqJbhYdbu8Br24a-6Z1LsumTq-cJSUkaF6PlsQRrVYfkm2sF6xytxlo8fuWswthrnVVr6zTJdHiaAuJzuw-VsPrFZ4fuYMqkwOAB-DmmB37--yVDV4YxLMQeJWUXmx_nyxZ40BE4uF3qveoCCxUZr92k7j0yGd2pD9vpXykMxHUGlM8JTylQGqSJRAxw9QU0kFZz7LtAs6eIB77MbHE4ZXbta0pmWUYcSzpCcNsgI8RcrLzgBAGABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2-SAun4UsMWBuXvTgeIAvi4nR7uw%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.110.241 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-110-241.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
last-modified
Thu, 16 Mar 2023 02:35:02 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 16 Mar 2023 02:36:02 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame BFE8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVQAM2HMIEfB1AAlkZ_9xwddT7hYBjNkCew&u=%7CtL5M0cBJr6hUM1OTb3nul9t2gLQ456%2FJKMSvvDk%2FLl4%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-AX3ZVsQJGtw57CEIsnB4xvtzisV2IamoyYEv1G_xfosXphBmvyyeWyLHYscSWQnlN-n8ol_-8rBJfNE9hQ7t8p6M-wzoRjP6MI1XytYNZGZcpQbBu1mDk019XTpzxA0F3xm_LOZiIVwdvebgqO5IebWmPwZ7gwyhp9Oje4AYyrbnKfyGeLRyR3-B5qYHoHy-L5ul2timwYyhI0n_Ar_x-1a5Ps_hL8WZL_sjIy8ZX6eILr-Z_M614usVHFhEJMcAkPrRvWkmnyFe4yJ-vPn6A0CPBKO84wVDG7RvouXE_5fcPZ0eUr0Kn3mWEcReZsyrE4GXr3YSJTKaDEAOA_e-BbjYvTKZ1uzwHtBOX26TPw-UQaVA7xMWVf7JGQkW9NoJDE_M7uW6Ks3LgD3cBXrEI0wk-bUvJv7Ym_fNw9-cMMfl3EB23U2ZRS-zKhxm1uej0Q1SXI8HMTmCgpBjKcO9QU6VhIXg61MGDmfXbgzax187gYGsaqDUWJa2DumDTi3tF7NKLxclI049DHTCd_yRTfPkCfHxyv1j4Ws5hyjxYkdy5LZqNKcB73qKRcNMmGUls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOydXVYASZPOwM_Xgx_AP58il0AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QZ1_AETdkrhzfclfKtbKewy0r-RCp7BpvyMlkU_csQRrxdUDwH8E5pDKQ7TsAkd2siBzxGXfLm4Cbw2KMNbzpFChu4IHYditfQ7NDCXpo4trBmjfo0wrlgJNJ6Ev6V8dFa9d1WQccCko_PaH25bvM6qy9XC9Owywc7eqrp4nCbUdre9_F1X8QT5cjJ1K7EauXK0O12VMBMxs2JhUNtS59tfgFuWpTR9APCRFBqOtc5UDpgCxa3AJlp3WiXfA7I0opOnBdsHpcSM5oE1PnlDv9hSqJN6CTO4WoTL78AkT_NlLh_kpdQh1W-xQ_S7TUdM18V0tJcGwsaDzi7uqrMuDiJ8Rn4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ZxzDPY8B0zZOaUZ2Q4TddrRDzCg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Mar 2024 02:35:02 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame BFE8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVQAM2HMIEfB1AAlkZ_9xwddT7hYBjNkCew&u=%7CtL5M0cBJr6hUM1OTb3nul9t2gLQ456%2FJKMSvvDk%2FLl4%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-AX3ZVsQJGtw57CEIsnB4xvtzisV2IamoyYEv1G_xfosXphBmvyyeWyLHYscSWQnlN-n8ol_-8rBJfNE9hQ7t8p6M-wzoRjP6MI1XytYNZGZcpQbBu1mDk019XTpzxA0F3xm_LOZiIVwdvebgqO5IebWmPwZ7gwyhp9Oje4AYyrbnKfyGeLRyR3-B5qYHoHy-L5ul2timwYyhI0n_Ar_x-1a5Ps_hL8WZL_sjIy8ZX6eILr-Z_M614usVHFhEJMcAkPrRvWkmnyFe4yJ-vPn6A0CPBKO84wVDG7RvouXE_5fcPZ0eUr0Kn3mWEcReZsyrE4GXr3YSJTKaDEAOA_e-BbjYvTKZ1uzwHtBOX26TPw-UQaVA7xMWVf7JGQkW9NoJDE_M7uW6Ks3LgD3cBXrEI0wk-bUvJv7Ym_fNw9-cMMfl3EB23U2ZRS-zKhxm1uej0Q1SXI8HMTmCgpBjKcO9QU6VhIXg61MGDmfXbgzax187gYGsaqDUWJa2DumDTi3tF7NKLxclI049DHTCd_yRTfPkCfHxyv1j4Ws5hyjxYkdy5LZqNKcB73qKRcNMmGUls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOydXVYASZPOwM_Xgx_AP58il0AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QZ1_AETdkrhzfclfKtbKewy0r-RCp7BpvyMlkU_csQRrxdUDwH8E5pDKQ7TsAkd2siBzxGXfLm4Cbw2KMNbzpFChu4IHYditfQ7NDCXpo4trBmjfo0wrlgJNJ6Ev6V8dFa9d1WQccCko_PaH25bvM6qy9XC9Owywc7eqrp4nCbUdre9_F1X8QT5cjJ1K7EauXK0O12VMBMxs2JhUNtS59tfgFuWpTR9APCRFBqOtc5UDpgCxa3AJlp3WiXfA7I0opOnBdsHpcSM5oE1PnlDv9hSqJN6CTO4WoTL78AkT_NlLh_kpdQh1W-xQ_S7TUdM18V0tJcGwsaDzi7uqrMuDiJ8Rn4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ZxzDPY8B0zZOaUZ2Q4TddrRDzCg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Mar 2024 02:35:02 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame BFE8 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVQAM2HMIEfB1AAlkZ_9xwddT7hYBjNkCew&u=%7CtL5M0cBJr6hUM1OTb3nul9t2gLQ456%2FJKMSvvDk%2FLl4%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-AX3ZVsQJGtw57CEIsnB4xvtzisV2IamoyYEv1G_xfosXphBmvyyeWyLHYscSWQnlN-n8ol_-8rBJfNE9hQ7t8p6M-wzoRjP6MI1XytYNZGZcpQbBu1mDk019XTpzxA0F3xm_LOZiIVwdvebgqO5IebWmPwZ7gwyhp9Oje4AYyrbnKfyGeLRyR3-B5qYHoHy-L5ul2timwYyhI0n_Ar_x-1a5Ps_hL8WZL_sjIy8ZX6eILr-Z_M614usVHFhEJMcAkPrRvWkmnyFe4yJ-vPn6A0CPBKO84wVDG7RvouXE_5fcPZ0eUr0Kn3mWEcReZsyrE4GXr3YSJTKaDEAOA_e-BbjYvTKZ1uzwHtBOX26TPw-UQaVA7xMWVf7JGQkW9NoJDE_M7uW6Ks3LgD3cBXrEI0wk-bUvJv7Ym_fNw9-cMMfl3EB23U2ZRS-zKhxm1uej0Q1SXI8HMTmCgpBjKcO9QU6VhIXg61MGDmfXbgzax187gYGsaqDUWJa2DumDTi3tF7NKLxclI049DHTCd_yRTfPkCfHxyv1j4Ws5hyjxYkdy5LZqNKcB73qKRcNMmGUls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOydXVYASZPOwM_Xgx_AP58il0AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QZ1_AETdkrhzfclfKtbKewy0r-RCp7BpvyMlkU_csQRrxdUDwH8E5pDKQ7TsAkd2siBzxGXfLm4Cbw2KMNbzpFChu4IHYditfQ7NDCXpo4trBmjfo0wrlgJNJ6Ev6V8dFa9d1WQccCko_PaH25bvM6qy9XC9Owywc7eqrp4nCbUdre9_F1X8QT5cjJ1K7EauXK0O12VMBMxs2JhUNtS59tfgFuWpTR9APCRFBqOtc5UDpgCxa3AJlp3WiXfA7I0opOnBdsHpcSM5oE1PnlDv9hSqJN6CTO4WoTL78AkT_NlLh_kpdQh1W-xQ_S7TUdM18V0tJcGwsaDzi7uqrMuDiJ8Rn4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ZxzDPY8B0zZOaUZ2Q4TddrRDzCg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 10 Mar 2024 02:35:02 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame BFE8 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVQAM2HMIEfB1AAlkZ_9xwddT7hYBjNkCew&u=%7CtL5M0cBJr6hUM1OTb3nul9t2gLQ456%2FJKMSvvDk%2FLl4%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-AX3ZVsQJGtw57CEIsnB4xvtzisV2IamoyYEv1G_xfosXphBmvyyeWyLHYscSWQnlN-n8ol_-8rBJfNE9hQ7t8p6M-wzoRjP6MI1XytYNZGZcpQbBu1mDk019XTpzxA0F3xm_LOZiIVwdvebgqO5IebWmPwZ7gwyhp9Oje4AYyrbnKfyGeLRyR3-B5qYHoHy-L5ul2timwYyhI0n_Ar_x-1a5Ps_hL8WZL_sjIy8ZX6eILr-Z_M614usVHFhEJMcAkPrRvWkmnyFe4yJ-vPn6A0CPBKO84wVDG7RvouXE_5fcPZ0eUr0Kn3mWEcReZsyrE4GXr3YSJTKaDEAOA_e-BbjYvTKZ1uzwHtBOX26TPw-UQaVA7xMWVf7JGQkW9NoJDE_M7uW6Ks3LgD3cBXrEI0wk-bUvJv7Ym_fNw9-cMMfl3EB23U2ZRS-zKhxm1uej0Q1SXI8HMTmCgpBjKcO9QU6VhIXg61MGDmfXbgzax187gYGsaqDUWJa2DumDTi3tF7NKLxclI049DHTCd_yRTfPkCfHxyv1j4Ws5hyjxYkdy5LZqNKcB73qKRcNMmGUls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOydXVYASZPOwM_Xgx_AP58il0AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QZ1_AETdkrhzfclfKtbKewy0r-RCp7BpvyMlkU_csQRrxdUDwH8E5pDKQ7TsAkd2siBzxGXfLm4Cbw2KMNbzpFChu4IHYditfQ7NDCXpo4trBmjfo0wrlgJNJ6Ev6V8dFa9d1WQccCko_PaH25bvM6qy9XC9Owywc7eqrp4nCbUdre9_F1X8QT5cjJ1K7EauXK0O12VMBMxs2JhUNtS59tfgFuWpTR9APCRFBqOtc5UDpgCxa3AJlp3WiXfA7I0opOnBdsHpcSM5oE1PnlDv9hSqJN6CTO4WoTL78AkT_NlLh_kpdQh1W-xQ_S7TUdM18V0tJcGwsaDzi7uqrMuDiJ8Rn4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ZxzDPY8B0zZOaUZ2Q4TddrRDzCg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 10 Mar 2024 02:35:02 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame BFE8 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=OFdZ59zcxLb0aY-tLF4OOKXLC6IcfHKm3Xax1VLim8UpIBdwL1ufx5JcLJMLtkZQO3L8JR2zn6fVQoeMbnfF6c2scKLGY3jWUtzC4MOu2gvtjEu37t4H6nMVq65m4ZO5mLl36G-f53wPJjpDBiE44EmWyZceN-dR0DgBDPgZYu4JP6Ne9g7C752e_IOlPE1vOoXynJnLKV2hcbkZKzmT3kWVJx9bhsy-25PS97BpPWgNgZ_DpXWHAgOkH1wjhebkP6C5_u_5MXRtK1r34FPiTwSc1xZEMCaV8IfLK332Bj8346xJiYCv85ho3zaa3oB8IqBDCtMUj50gMTT1QInBb3dzGU2z1qNGnSAAoHfTHFNGS3aO_1AIKQN1ovfxDlrmBTEgquYWkX3uKh-O9vWfDypCUw7CDlb3wUh6HXar2k1BgAfK9oA-rHX0LSvHFncVts-1-w
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVQAM2HMIEfB1AAlkZ_9xwddT7hYBjNkCew&u=%7CtL5M0cBJr6hUM1OTb3nul9t2gLQ456%2FJKMSvvDk%2FLl4%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-AX3ZVsQJGtw57CEIsnB4xvtzisV2IamoyYEv1G_xfosXphBmvyyeWyLHYscSWQnlN-n8ol_-8rBJfNE9hQ7t8p6M-wzoRjP6MI1XytYNZGZcpQbBu1mDk019XTpzxA0F3xm_LOZiIVwdvebgqO5IebWmPwZ7gwyhp9Oje4AYyrbnKfyGeLRyR3-B5qYHoHy-L5ul2timwYyhI0n_Ar_x-1a5Ps_hL8WZL_sjIy8ZX6eILr-Z_M614usVHFhEJMcAkPrRvWkmnyFe4yJ-vPn6A0CPBKO84wVDG7RvouXE_5fcPZ0eUr0Kn3mWEcReZsyrE4GXr3YSJTKaDEAOA_e-BbjYvTKZ1uzwHtBOX26TPw-UQaVA7xMWVf7JGQkW9NoJDE_M7uW6Ks3LgD3cBXrEI0wk-bUvJv7Ym_fNw9-cMMfl3EB23U2ZRS-zKhxm1uej0Q1SXI8HMTmCgpBjKcO9QU6VhIXg61MGDmfXbgzax187gYGsaqDUWJa2DumDTi3tF7NKLxclI049DHTCd_yRTfPkCfHxyv1j4Ws5hyjxYkdy5LZqNKcB73qKRcNMmGUls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOydXVYASZPOwM_Xgx_AP58il0AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QZ1_AETdkrhzfclfKtbKewy0r-RCp7BpvyMlkU_csQRrxdUDwH8E5pDKQ7TsAkd2siBzxGXfLm4Cbw2KMNbzpFChu4IHYditfQ7NDCXpo4trBmjfo0wrlgJNJ6Ev6V8dFa9d1WQccCko_PaH25bvM6qy9XC9Owywc7eqrp4nCbUdre9_F1X8QT5cjJ1K7EauXK0O12VMBMxs2JhUNtS59tfgFuWpTR9APCRFBqOtc5UDpgCxa3AJlp3WiXfA7I0opOnBdsHpcSM5oE1PnlDv9hSqJN6CTO4WoTL78AkT_NlLh_kpdQh1W-xQ_S7TUdM18V0tJcGwsaDzi7uqrMuDiJ8Rn4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ZxzDPY8B0zZOaUZ2Q4TddrRDzCg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1785698
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame BFE8 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVQAM2HMIEfB1AAlkZ_9xwddT7hYBjNkCew&u=%7CtL5M0cBJr6hUM1OTb3nul9t2gLQ456%2FJKMSvvDk%2FLl4%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-AX3ZVsQJGtw57CEIsnB4xvtzisV2IamoyYEv1G_xfosXphBmvyyeWyLHYscSWQnlN-n8ol_-8rBJfNE9hQ7t8p6M-wzoRjP6MI1XytYNZGZcpQbBu1mDk019XTpzxA0F3xm_LOZiIVwdvebgqO5IebWmPwZ7gwyhp9Oje4AYyrbnKfyGeLRyR3-B5qYHoHy-L5ul2timwYyhI0n_Ar_x-1a5Ps_hL8WZL_sjIy8ZX6eILr-Z_M614usVHFhEJMcAkPrRvWkmnyFe4yJ-vPn6A0CPBKO84wVDG7RvouXE_5fcPZ0eUr0Kn3mWEcReZsyrE4GXr3YSJTKaDEAOA_e-BbjYvTKZ1uzwHtBOX26TPw-UQaVA7xMWVf7JGQkW9NoJDE_M7uW6Ks3LgD3cBXrEI0wk-bUvJv7Ym_fNw9-cMMfl3EB23U2ZRS-zKhxm1uej0Q1SXI8HMTmCgpBjKcO9QU6VhIXg61MGDmfXbgzax187gYGsaqDUWJa2DumDTi3tF7NKLxclI049DHTCd_yRTfPkCfHxyv1j4Ws5hyjxYkdy5LZqNKcB73qKRcNMmGUls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOydXVYASZPOwM_Xgx_AP58il0AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QZ1_AETdkrhzfclfKtbKewy0r-RCp7BpvyMlkU_csQRrxdUDwH8E5pDKQ7TsAkd2siBzxGXfLm4Cbw2KMNbzpFChu4IHYditfQ7NDCXpo4trBmjfo0wrlgJNJ6Ev6V8dFa9d1WQccCko_PaH25bvM6qy9XC9Owywc7eqrp4nCbUdre9_F1X8QT5cjJ1K7EauXK0O12VMBMxs2JhUNtS59tfgFuWpTR9APCRFBqOtc5UDpgCxa3AJlp3WiXfA7I0opOnBdsHpcSM5oE1PnlDv9hSqJN6CTO4WoTL78AkT_NlLh_kpdQh1W-xQ_S7TUdM18V0tJcGwsaDzi7uqrMuDiJ8Rn4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ZxzDPY8B0zZOaUZ2Q4TddrRDzCg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2348214
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXeYexE3nMFynxSg%2FsNBGFXOtZHvMdyu3PaHfbwT%2BLtTP4h3%2BAQDGhY5a15v423qmP4xVUPXGnuuivVHbFnijf66PyeI0wgaYXPw4dvrw3X41lfSIuECxm%2B0zvNlLBSKVS65%2F5i3FWm2PhPlolLhXFUH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7a8999bb8afc381a-FRA
expires
Tue, 05 Mar 2024 02:35:02 GMT
animejs.js
static.criteo.net/animejs/ Frame BFE8 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVQAM2HMIEfB1AAlkZ_9xwddT7hYBjNkCew&u=%7CtL5M0cBJr6hUM1OTb3nul9t2gLQ456%2FJKMSvvDk%2FLl4%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-AX3ZVsQJGtw57CEIsnB4xvtzisV2IamoyYEv1G_xfosXphBmvyyeWyLHYscSWQnlN-n8ol_-8rBJfNE9hQ7t8p6M-wzoRjP6MI1XytYNZGZcpQbBu1mDk019XTpzxA0F3xm_LOZiIVwdvebgqO5IebWmPwZ7gwyhp9Oje4AYyrbnKfyGeLRyR3-B5qYHoHy-L5ul2timwYyhI0n_Ar_x-1a5Ps_hL8WZL_sjIy8ZX6eILr-Z_M614usVHFhEJMcAkPrRvWkmnyFe4yJ-vPn6A0CPBKO84wVDG7RvouXE_5fcPZ0eUr0Kn3mWEcReZsyrE4GXr3YSJTKaDEAOA_e-BbjYvTKZ1uzwHtBOX26TPw-UQaVA7xMWVf7JGQkW9NoJDE_M7uW6Ks3LgD3cBXrEI0wk-bUvJv7Ym_fNw9-cMMfl3EB23U2ZRS-zKhxm1uej0Q1SXI8HMTmCgpBjKcO9QU6VhIXg61MGDmfXbgzax187gYGsaqDUWJa2DumDTi3tF7NKLxclI049DHTCd_yRTfPkCfHxyv1j4Ws5hyjxYkdy5LZqNKcB73qKRcNMmGUls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOydXVYASZPOwM_Xgx_AP58il0AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QZ1_AETdkrhzfclfKtbKewy0r-RCp7BpvyMlkU_csQRrxdUDwH8E5pDKQ7TsAkd2siBzxGXfLm4Cbw2KMNbzpFChu4IHYditfQ7NDCXpo4trBmjfo0wrlgJNJ6Ev6V8dFa9d1WQccCko_PaH25bvM6qy9XC9Owywc7eqrp4nCbUdre9_F1X8QT5cjJ1K7EauXK0O12VMBMxs2JhUNtS59tfgFuWpTR9APCRFBqOtc5UDpgCxa3AJlp3WiXfA7I0opOnBdsHpcSM5oE1PnlDv9hSqJN6CTO4WoTL78AkT_NlLh_kpdQh1W-xQ_S7TUdM18V0tJcGwsaDzi7uqrMuDiJ8Rn4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ZxzDPY8B0zZOaUZ2Q4TddrRDzCg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Mar 2024 02:35:02 GMT
9af63da692984f7884d89dad36906685_makeitsans-bold.woff
static.criteo.net/design/dt/ Frame BFE8 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/9af63da692984f7884d89dad36906685_makeitsans-bold.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVQAM2HMIEfB1AAlkZ_9xwddT7hYBjNkCew&u=%7CtL5M0cBJr6hUM1OTb3nul9t2gLQ456%2FJKMSvvDk%2FLl4%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-AX3ZVsQJGtw57CEIsnB4xvtzisV2IamoyYEv1G_xfosXphBmvyyeWyLHYscSWQnlN-n8ol_-8rBJfNE9hQ7t8p6M-wzoRjP6MI1XytYNZGZcpQbBu1mDk019XTpzxA0F3xm_LOZiIVwdvebgqO5IebWmPwZ7gwyhp9Oje4AYyrbnKfyGeLRyR3-B5qYHoHy-L5ul2timwYyhI0n_Ar_x-1a5Ps_hL8WZL_sjIy8ZX6eILr-Z_M614usVHFhEJMcAkPrRvWkmnyFe4yJ-vPn6A0CPBKO84wVDG7RvouXE_5fcPZ0eUr0Kn3mWEcReZsyrE4GXr3YSJTKaDEAOA_e-BbjYvTKZ1uzwHtBOX26TPw-UQaVA7xMWVf7JGQkW9NoJDE_M7uW6Ks3LgD3cBXrEI0wk-bUvJv7Ym_fNw9-cMMfl3EB23U2ZRS-zKhxm1uej0Q1SXI8HMTmCgpBjKcO9QU6VhIXg61MGDmfXbgzax187gYGsaqDUWJa2DumDTi3tF7NKLxclI049DHTCd_yRTfPkCfHxyv1j4Ws5hyjxYkdy5LZqNKcB73qKRcNMmGUls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOydXVYASZPOwM_Xgx_AP58il0AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QZ1_AETdkrhzfclfKtbKewy0r-RCp7BpvyMlkU_csQRrxdUDwH8E5pDKQ7TsAkd2siBzxGXfLm4Cbw2KMNbzpFChu4IHYditfQ7NDCXpo4trBmjfo0wrlgJNJ6Ev6V8dFa9d1WQccCko_PaH25bvM6qy9XC9Owywc7eqrp4nCbUdre9_F1X8QT5cjJ1K7EauXK0O12VMBMxs2JhUNtS59tfgFuWpTR9APCRFBqOtc5UDpgCxa3AJlp3WiXfA7I0opOnBdsHpcSM5oE1PnlDv9hSqJN6CTO4WoTL78AkT_NlLh_kpdQh1W-xQ_S7TUdM18V0tJcGwsaDzi7uqrMuDiJ8Rn4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ZxzDPY8B0zZOaUZ2Q4TddrRDzCg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 05 Feb 2020 10:30:18 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e3a993a-e7e4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Mar 2024 02:35:02 GMT
bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame BFE8 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVQAM2HMIEfB1AAlkZ_9xwddT7hYBjNkCew&u=%7CtL5M0cBJr6hUM1OTb3nul9t2gLQ456%2FJKMSvvDk%2FLl4%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-AX3ZVsQJGtw57CEIsnB4xvtzisV2IamoyYEv1G_xfosXphBmvyyeWyLHYscSWQnlN-n8ol_-8rBJfNE9hQ7t8p6M-wzoRjP6MI1XytYNZGZcpQbBu1mDk019XTpzxA0F3xm_LOZiIVwdvebgqO5IebWmPwZ7gwyhp9Oje4AYyrbnKfyGeLRyR3-B5qYHoHy-L5ul2timwYyhI0n_Ar_x-1a5Ps_hL8WZL_sjIy8ZX6eILr-Z_M614usVHFhEJMcAkPrRvWkmnyFe4yJ-vPn6A0CPBKO84wVDG7RvouXE_5fcPZ0eUr0Kn3mWEcReZsyrE4GXr3YSJTKaDEAOA_e-BbjYvTKZ1uzwHtBOX26TPw-UQaVA7xMWVf7JGQkW9NoJDE_M7uW6Ks3LgD3cBXrEI0wk-bUvJv7Ym_fNw9-cMMfl3EB23U2ZRS-zKhxm1uej0Q1SXI8HMTmCgpBjKcO9QU6VhIXg61MGDmfXbgzax187gYGsaqDUWJa2DumDTi3tF7NKLxclI049DHTCd_yRTfPkCfHxyv1j4Ws5hyjxYkdy5LZqNKcB73qKRcNMmGUls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOydXVYASZPOwM_Xgx_AP58il0AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QZ1_AETdkrhzfclfKtbKewy0r-RCp7BpvyMlkU_csQRrxdUDwH8E5pDKQ7TsAkd2siBzxGXfLm4Cbw2KMNbzpFChu4IHYditfQ7NDCXpo4trBmjfo0wrlgJNJ6Ev6V8dFa9d1WQccCko_PaH25bvM6qy9XC9Owywc7eqrp4nCbUdre9_F1X8QT5cjJ1K7EauXK0O12VMBMxs2JhUNtS59tfgFuWpTR9APCRFBqOtc5UDpgCxa3AJlp3WiXfA7I0opOnBdsHpcSM5oE1PnlDv9hSqJN6CTO4WoTL78AkT_NlLh_kpdQh1W-xQ_S7TUdM18V0tJcGwsaDzi7uqrMuDiJ8Rn4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ZxzDPY8B0zZOaUZ2Q4TddrRDzCg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 05 Feb 2020 10:30:18 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e3a993a-de74"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Mar 2024 02:35:02 GMT
truncated
/ Frame 0BE8 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93012b8dc685e142ea8dc9087b1b5a27502188ea81dd095ade39738710f44df1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
rar
as.ad4m.at/ad/ Frame A7D1 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=15573%2C196439%2C321735&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2C3qjcpf4fVbD3f7HrHAtEtMAbQaPSWTKKMsg2Y3&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2CWPefrfdfVrKWfYH5HjtDCEP1qt3SETVVmU9Q8W&c=120&d=600&e=&g=869f10d2fd16e15a18b2b3676b17bd38%2F15749568168597614057&i=26474%2C25174%2C110819&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934102297&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jy1z1n2g71jdkm05axvscd31wzx33vbmt1hb5g2f17s232h860htthpjwjfb9v7msbt2qpvrjkjtgcvrx4r412qkcdm2n247vbs83pxt0p11j7mgtrjvaxr38bkacjn4g8sc21ahqzae1g0bxbzmtng5k78g30bd721r7yzkvdvnh3sht53w1812ab08f3p8rtgx49tayr11m62y8m9qnqqkmbpm2rk0pbtnmc5sh19erqw8gxcsm9nb9j4187jj44mp3shj2p1wcebrgxpkj2j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIcIfVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSFAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4DZCvNRDVBBNl0ze5aqPSaoUEB0mckcXlJVuwKFcJOvL-fEPOVmT57nteAEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-Or66cd7sSfL0C0ihoipdMfswLQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05dd96763d6ab50bed3a089eb3392d895c60fcca638ae1ff8dcdeb14d5a23179
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1jknb8d1qvdc9hnxr0jfwhzz0xva55vm0fkayd9k8e8xe4j85h9ss27vq5wj9ther6t49f266sy26zx3v8ds8kgxmtd8g2yxgxnshyh7e9p1fmxv4ncsqctapv9k3wck4rgg3a0rfakh2fk45vetpzx04yzfvxbdh082g3d0zd4qa0744kt2vmy8dzkr8gb27x3cj9gngxp6e0aj2wnzgbdr8ek9fjnckbfx9qjf0y5bk55cqr7s4hy9nvgj33pbafm0mf6a7c52yj1rrbj6na9b330wh7xag25q91vc7jheejhqabwx9apaks5btvpjt4m1p5pkw59r87pn8c8rpdwjr375jdc83rczrpt8sw0zg3zv62mjszw0hfwm3d3pbp51ekgq7xtkfnwdadb07m8j69x0xjvjqmg10jtc7mj35rnnb6cfn3jf04p5c5zccn88mwndxg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIcIfVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSFAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4DZCvNRDVBBNl0ze5aqPSaoUEB0mckcXlJVuwKFcJOvL-fEPOVmT57nteAEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-Or66cd7sSfL0C0ihoipdMfswLQ%26client%3Dca-pub-4663753467999594%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a8999bbcb949213-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:35:02 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
pixel
cm.g.doubleclick.net/ Frame EECF
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEKtMdyNsrH9eU_fyNx6BYw&google_cver=1&google_push=Aa02lx97Q6Diry8Fn8K7uGMAUxApGxqcExF7Fsz6lHI9LVjY-YDoWjQoub...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx97Q6Diry8Fn8K7uGMAUxApGxqcExF7Fsz6lHI9LVjY-YDoWjQoubtHnoHHL-BPQR_wIcaSudHzJzYmsXxUbhW2vPpEMDfK6w&google_hm=RRHcez6TAy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx97Q6Diry8Fn8K7uGMAUxApGxqcExF7Fsz6lHI9LVjY-YDoWjQoubtHnoHHL-BPQR_wIcaSudHzJzYmsXxUbhW2vPpEMDfK6w&google_hm=RRHcez6TAyIA49RpZJ4gmQ
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx97Q6Diry8Fn8K7uGMAUxApGxqcExF7Fsz6lHI9LVjY-YDoWjQoubtHnoHHL-BPQR_wIcaSudHzJzYmsXxUbhW2vPpEMDfK6w&google_hm=RRHcez6TAyIA49RpZJ4gmQ
pragma
no-cache
date
Thu, 16 Mar 2023 02:35:02 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame EECF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESENr_twMPMTtAKHYjR9ZJdOc&google_cver=1&google_push=Aa02lx8PrQd5YngIHBxKyL8WLfDl-izj4nwWWOFhzMWnskPEcjMDtIQppr7PoRUilbV59pWlxFbI62IdH_HxCXJSaiCgZseNEU5H
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 16 Mar 2023 02:35:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame EECF
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R2P-67vIS-uNSMH57vsZFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R2P-67vIS-uNSMH57vsZFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-lezr5GyVutY-JtT_EmpxWlrUrFVGztv7pEXgOjEbSgpyrnqb91J5QY8BHA6tRb5NV58aGIodjSoGq_D8Tvi96liTj_g4L
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R2P-67vIS-uNSMH57vsZFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-lezr5GyVutY-JtT_EmpxWlrUrFVGztv7pEXgOjEbSgpyrnqb91J5QY8BHA6tRb5NV58aGIodjSoGq_D8Tvi96liTj_g4L
date
Thu, 16 Mar 2023 02:35:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame EECF
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMPXCZwxfyLrOaJB_cdfmvM&google_cver=1&google_push=Aa02lx82FK1PHwTD6iIH7F6VU6A0ijoZY_oZl2Y-tk5RopIRAjy1nZIGWzZRIaINC583R2QkPcZqr5qsqsciyo4Z8...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx82FK1PHwTD6iIH7F6VU6A0ijoZY_oZl2Y-tk5RopIRAjy1nZIGWzZRIaINC583R2QkPcZqr5qsqsciyo4Z87kY0mzXH2FK&google_hm=GUVbuGZHvBNjuENaQKekY4O-
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx82FK1PHwTD6iIH7F6VU6A0ijoZY_oZl2Y-tk5RopIRAjy1nZIGWzZRIaINC583R2QkPcZqr5qsqsciyo4Z87kY0mzXH2FK&google_hm=GUVbuGZHvBNjuENaQKekY4O-
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 16 Mar 2023 02:35:02 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx82FK1PHwTD6iIH7F6VU6A0ijoZY_oZl2Y-tk5RopIRAjy1nZIGWzZRIaINC583R2QkPcZqr5qsqsciyo4Z87kY0mzXH2FK&google_hm=GUVbuGZHvBNjuENaQKekY4O-
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame EECF
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMBPexfjrSUFe_hyznI5s-E&google_cver=1&google_push=Aa02lx9BvUz9g13sjntri_hSkto29Kab0DVQpluTMTrFaPkE_i47rzCHezGOIFN6-TgyIiBSUmlrD0jghuqUzWdRbhASsn48RY...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NDIyMzk1MzA2MzIxMzE4Mjc5&google_push=Aa02lx9BvUz9g13sjntri_hSkto29Kab0DVQpluTMTrFaPkE_i47rzCHezGOIFN6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NDIyMzk1MzA2MzIxMzE4Mjc5&google_push=Aa02lx9BvUz9g13sjntri_hSkto29Kab0DVQpluTMTrFaPkE_i47rzCHezGOIFN6-TgyIiBSUmlrD0jghuqUzWdRbhASsn48RYTSRg
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NDIyMzk1MzA2MzIxMzE4Mjc5&google_push=Aa02lx9BvUz9g13sjntri_hSkto29Kab0DVQpluTMTrFaPkE_i47rzCHezGOIFN6-TgyIiBSUmlrD0jghuqUzWdRbhASsn48RYTSRg
date
Thu, 16 Mar 2023 02:35:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame EECF
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJV6SruycOmJSKK4BCJA5-Q&google_cver=1&google_push=Aa02lx88aL0vguIlk...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzY1NzQ5MTg1OTMwOTk0MjQ4NA%3D%3D&google_gid=CAESEJV6SruycOmJSKK4BCJA5-Q&google_cver=1&google_push=Aa02lx88aL0vguIlkP1aof6ezJqIQhpIy5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzY1NzQ5MTg1OTMwOTk0MjQ4NA%3D%3D&google_gid=CAESEJV6SruycOmJSKK4BCJA5-Q&google_cver=1&google_push=Aa02lx88aL0vguIlkP1aof6ezJqIQhpIy5TWW25wXBJ6ifLDAG0A__PfJcxnFT8h1IsdDqx3hjqCaPkkeH245XxovdDiHJB8nfaj4yQ
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 16 Mar 2023 02:35:02 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.141; 185.213.155.141; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d27bffac-3ee4-4c65-a089-d2ed627941cf
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzY1NzQ5MTg1OTMwOTk0MjQ4NA%3D%3D&google_gid=CAESEJV6SruycOmJSKK4BCJA5-Q&google_cver=1&google_push=Aa02lx88aL0vguIlkP1aof6ezJqIQhpIy5TWW25wXBJ6ifLDAG0A__PfJcxnFT8h1IsdDqx3hjqCaPkkeH245XxovdDiHJB8nfaj4yQ
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EECF
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOIkVCMiO...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=eb5a15d1-2b9b-4697-99d2-a0f6b0af0b0c&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=eb5a15d1-2b9b-4697-99d2-a0f6b0af0b0c&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=eb5a15d1-2b9b-4697-99d2-a0f6b0af0b0c&%%GOOGLE_PUSH_PAIR%%
date
Thu, 16 Mar 2023 02:35:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame EECF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kuu2cZIpxUScgOoeZhvRRhxdp1YU0_eUIgkE4k9ioP6veirU-X8THGfs_0oADHtBaCIG0cSUA
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
img
imageproxy.eu.criteo.net/img/ Frame BFE8 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=496&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F200316%2Fc7db8369314c442a8dd94287a8ff8fb8_square.png&v=3&w=356&s=_YNTJvzvcO4UEwGGmdBc2Nz6
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVQAM2HMIEfB1AAlkZ_9xwddT7hYBjNkCew&u=%7CtL5M0cBJr6hUM1OTb3nul9t2gLQ456%2FJKMSvvDk%2FLl4%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-AX3ZVsQJGtw57CEIsnB4xvtzisV2IamoyYEv1G_xfosXphBmvyyeWyLHYscSWQnlN-n8ol_-8rBJfNE9hQ7t8p6M-wzoRjP6MI1XytYNZGZcpQbBu1mDk019XTpzxA0F3xm_LOZiIVwdvebgqO5IebWmPwZ7gwyhp9Oje4AYyrbnKfyGeLRyR3-B5qYHoHy-L5ul2timwYyhI0n_Ar_x-1a5Ps_hL8WZL_sjIy8ZX6eILr-Z_M614usVHFhEJMcAkPrRvWkmnyFe4yJ-vPn6A0CPBKO84wVDG7RvouXE_5fcPZ0eUr0Kn3mWEcReZsyrE4GXr3YSJTKaDEAOA_e-BbjYvTKZ1uzwHtBOX26TPw-UQaVA7xMWVf7JGQkW9NoJDE_M7uW6Ks3LgD3cBXrEI0wk-bUvJv7Ym_fNw9-cMMfl3EB23U2ZRS-zKhxm1uej0Q1SXI8HMTmCgpBjKcO9QU6VhIXg61MGDmfXbgzax187gYGsaqDUWJa2DumDTi3tF7NKLxclI049DHTCd_yRTfPkCfHxyv1j4Ws5hyjxYkdy5LZqNKcB73qKRcNMmGUls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOydXVYASZPOwM_Xgx_AP58il0AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QZ1_AETdkrhzfclfKtbKewy0r-RCp7BpvyMlkU_csQRrxdUDwH8E5pDKQ7TsAkd2siBzxGXfLm4Cbw2KMNbzpFChu4IHYditfQ7NDCXpo4trBmjfo0wrlgJNJ6Ev6V8dFa9d1WQccCko_PaH25bvM6qy9XC9Owywc7eqrp4nCbUdre9_F1X8QT5cjJ1K7EauXK0O12VMBMxs2JhUNtS59tfgFuWpTR9APCRFBqOtc5UDpgCxa3AJlp3WiXfA7I0opOnBdsHpcSM5oE1PnlDv9hSqJN6CTO4WoTL78AkT_NlLh_kpdQh1W-xQ_S7TUdM18V0tJcGwsaDzi7uqrMuDiJ8Rn4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ZxzDPY8B0zZOaUZ2Q4TddrRDzCg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
611b06da99c3705cbe326e1e3b508a060123625ac8f5452a9e4ff45893bc4ca1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
23545
expires
Sun, 25 Feb 2024 14:19:39 GMT
img
imageproxy.eu.criteo.net/img/ Frame BFE8 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F3b100d53-451e-48f3-a766-f09a4df351dc_ea9a9ae9-4b4f-433c-ae40-409e2ac5819f.jpg%2F1280x960.jpg&v=3&w=400&s=3o-XjctVwcdgY88pTNXhXF7o&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVQAM2HMIEfB1AAlkZ_9xwddT7hYBjNkCew&u=%7CtL5M0cBJr6hUM1OTb3nul9t2gLQ456%2FJKMSvvDk%2FLl4%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-AX3ZVsQJGtw57CEIsnB4xvtzisV2IamoyYEv1G_xfosXphBmvyyeWyLHYscSWQnlN-n8ol_-8rBJfNE9hQ7t8p6M-wzoRjP6MI1XytYNZGZcpQbBu1mDk019XTpzxA0F3xm_LOZiIVwdvebgqO5IebWmPwZ7gwyhp9Oje4AYyrbnKfyGeLRyR3-B5qYHoHy-L5ul2timwYyhI0n_Ar_x-1a5Ps_hL8WZL_sjIy8ZX6eILr-Z_M614usVHFhEJMcAkPrRvWkmnyFe4yJ-vPn6A0CPBKO84wVDG7RvouXE_5fcPZ0eUr0Kn3mWEcReZsyrE4GXr3YSJTKaDEAOA_e-BbjYvTKZ1uzwHtBOX26TPw-UQaVA7xMWVf7JGQkW9NoJDE_M7uW6Ks3LgD3cBXrEI0wk-bUvJv7Ym_fNw9-cMMfl3EB23U2ZRS-zKhxm1uej0Q1SXI8HMTmCgpBjKcO9QU6VhIXg61MGDmfXbgzax187gYGsaqDUWJa2DumDTi3tF7NKLxclI049DHTCd_yRTfPkCfHxyv1j4Ws5hyjxYkdy5LZqNKcB73qKRcNMmGUls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOydXVYASZPOwM_Xgx_AP58il0AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QZ1_AETdkrhzfclfKtbKewy0r-RCp7BpvyMlkU_csQRrxdUDwH8E5pDKQ7TsAkd2siBzxGXfLm4Cbw2KMNbzpFChu4IHYditfQ7NDCXpo4trBmjfo0wrlgJNJ6Ev6V8dFa9d1WQccCko_PaH25bvM6qy9XC9Owywc7eqrp4nCbUdre9_F1X8QT5cjJ1K7EauXK0O12VMBMxs2JhUNtS59tfgFuWpTR9APCRFBqOtc5UDpgCxa3AJlp3WiXfA7I0opOnBdsHpcSM5oE1PnlDv9hSqJN6CTO4WoTL78AkT_NlLh_kpdQh1W-xQ_S7TUdM18V0tJcGwsaDzi7uqrMuDiJ8Rn4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ZxzDPY8B0zZOaUZ2Q4TddrRDzCg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
6b6319ce3b4b545b569d62b375fb96994ebb64265dc6c0331f8b312c45b5bf94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=1209600
content-length
17718
expires
Wed, 22 Mar 2023 18:06:27 GMT
img
imageproxy.eu.criteo.net/img/ Frame BFE8 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fbf5b9cf6-4b2b-4368-95dd-c1b2df1cf2bd_944f1784-8b2c-4e57-ab11-8b5007c7cee2.jpg%2F1280x960.jpg&v=3&w=400&s=Nj4nHmgUK61VR34hfSyKh5PE&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVQAM2HMIEfB1AAlkZ_9xwddT7hYBjNkCew&u=%7CtL5M0cBJr6hUM1OTb3nul9t2gLQ456%2FJKMSvvDk%2FLl4%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-AX3ZVsQJGtw57CEIsnB4xvtzisV2IamoyYEv1G_xfosXphBmvyyeWyLHYscSWQnlN-n8ol_-8rBJfNE9hQ7t8p6M-wzoRjP6MI1XytYNZGZcpQbBu1mDk019XTpzxA0F3xm_LOZiIVwdvebgqO5IebWmPwZ7gwyhp9Oje4AYyrbnKfyGeLRyR3-B5qYHoHy-L5ul2timwYyhI0n_Ar_x-1a5Ps_hL8WZL_sjIy8ZX6eILr-Z_M614usVHFhEJMcAkPrRvWkmnyFe4yJ-vPn6A0CPBKO84wVDG7RvouXE_5fcPZ0eUr0Kn3mWEcReZsyrE4GXr3YSJTKaDEAOA_e-BbjYvTKZ1uzwHtBOX26TPw-UQaVA7xMWVf7JGQkW9NoJDE_M7uW6Ks3LgD3cBXrEI0wk-bUvJv7Ym_fNw9-cMMfl3EB23U2ZRS-zKhxm1uej0Q1SXI8HMTmCgpBjKcO9QU6VhIXg61MGDmfXbgzax187gYGsaqDUWJa2DumDTi3tF7NKLxclI049DHTCd_yRTfPkCfHxyv1j4Ws5hyjxYkdy5LZqNKcB73qKRcNMmGUls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOydXVYASZPOwM_Xgx_AP58il0AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QZ1_AETdkrhzfclfKtbKewy0r-RCp7BpvyMlkU_csQRrxdUDwH8E5pDKQ7TsAkd2siBzxGXfLm4Cbw2KMNbzpFChu4IHYditfQ7NDCXpo4trBmjfo0wrlgJNJ6Ev6V8dFa9d1WQccCko_PaH25bvM6qy9XC9Owywc7eqrp4nCbUdre9_F1X8QT5cjJ1K7EauXK0O12VMBMxs2JhUNtS59tfgFuWpTR9APCRFBqOtc5UDpgCxa3AJlp3WiXfA7I0opOnBdsHpcSM5oE1PnlDv9hSqJN6CTO4WoTL78AkT_NlLh_kpdQh1W-xQ_S7TUdM18V0tJcGwsaDzi7uqrMuDiJ8Rn4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ZxzDPY8B0zZOaUZ2Q4TddrRDzCg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
c70c3bb5e862f7c86db4e91ec2b56a8bc629572836f14bac8c42171503ab2c34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=1209600
content-length
34360
expires
Thu, 23 Mar 2023 15:12:39 GMT
img
imageproxy.eu.criteo.net/img/ Frame BFE8 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F0d37489e-2e2c-4c85-b980-4ef75b6ad078_1a37162f-3393-4117-9434-01579750c358.jpg%2F1280x960.jpg&v=3&w=400&s=zS_uPWE6w5KtLWmmLdVV-_V8&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVQAM2HMIEfB1AAlkZ_9xwddT7hYBjNkCew&u=%7CtL5M0cBJr6hUM1OTb3nul9t2gLQ456%2FJKMSvvDk%2FLl4%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-AX3ZVsQJGtw57CEIsnB4xvtzisV2IamoyYEv1G_xfosXphBmvyyeWyLHYscSWQnlN-n8ol_-8rBJfNE9hQ7t8p6M-wzoRjP6MI1XytYNZGZcpQbBu1mDk019XTpzxA0F3xm_LOZiIVwdvebgqO5IebWmPwZ7gwyhp9Oje4AYyrbnKfyGeLRyR3-B5qYHoHy-L5ul2timwYyhI0n_Ar_x-1a5Ps_hL8WZL_sjIy8ZX6eILr-Z_M614usVHFhEJMcAkPrRvWkmnyFe4yJ-vPn6A0CPBKO84wVDG7RvouXE_5fcPZ0eUr0Kn3mWEcReZsyrE4GXr3YSJTKaDEAOA_e-BbjYvTKZ1uzwHtBOX26TPw-UQaVA7xMWVf7JGQkW9NoJDE_M7uW6Ks3LgD3cBXrEI0wk-bUvJv7Ym_fNw9-cMMfl3EB23U2ZRS-zKhxm1uej0Q1SXI8HMTmCgpBjKcO9QU6VhIXg61MGDmfXbgzax187gYGsaqDUWJa2DumDTi3tF7NKLxclI049DHTCd_yRTfPkCfHxyv1j4Ws5hyjxYkdy5LZqNKcB73qKRcNMmGUls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOydXVYASZPOwM_Xgx_AP58il0AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QZ1_AETdkrhzfclfKtbKewy0r-RCp7BpvyMlkU_csQRrxdUDwH8E5pDKQ7TsAkd2siBzxGXfLm4Cbw2KMNbzpFChu4IHYditfQ7NDCXpo4trBmjfo0wrlgJNJ6Ev6V8dFa9d1WQccCko_PaH25bvM6qy9XC9Owywc7eqrp4nCbUdre9_F1X8QT5cjJ1K7EauXK0O12VMBMxs2JhUNtS59tfgFuWpTR9APCRFBqOtc5UDpgCxa3AJlp3WiXfA7I0opOnBdsHpcSM5oE1PnlDv9hSqJN6CTO4WoTL78AkT_NlLh_kpdQh1W-xQ_S7TUdM18V0tJcGwsaDzi7uqrMuDiJ8Rn4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ZxzDPY8B0zZOaUZ2Q4TddrRDzCg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
6ea5c941a4ef5e05a75f50fa3306f69e6fa1f8b6a181b28f70dee20ed7de985a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=1209600
content-length
23402
expires
Wed, 22 Mar 2023 08:35:35 GMT
img
imageproxy.eu.criteo.net/img/ Frame BFE8 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F79ecb220-fcc2-465c-be70-1bb899ad7dad_d2295400-2ab8-46bf-9ec2-a1cfb5df4a0f.jpg%2F1280x960.jpg&v=3&w=400&s=7rIAMBh5FVOhpkwAOk88i4iO&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVQAM2HMIEfB1AAlkZ_9xwddT7hYBjNkCew&u=%7CtL5M0cBJr6hUM1OTb3nul9t2gLQ456%2FJKMSvvDk%2FLl4%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-AX3ZVsQJGtw57CEIsnB4xvtzisV2IamoyYEv1G_xfosXphBmvyyeWyLHYscSWQnlN-n8ol_-8rBJfNE9hQ7t8p6M-wzoRjP6MI1XytYNZGZcpQbBu1mDk019XTpzxA0F3xm_LOZiIVwdvebgqO5IebWmPwZ7gwyhp9Oje4AYyrbnKfyGeLRyR3-B5qYHoHy-L5ul2timwYyhI0n_Ar_x-1a5Ps_hL8WZL_sjIy8ZX6eILr-Z_M614usVHFhEJMcAkPrRvWkmnyFe4yJ-vPn6A0CPBKO84wVDG7RvouXE_5fcPZ0eUr0Kn3mWEcReZsyrE4GXr3YSJTKaDEAOA_e-BbjYvTKZ1uzwHtBOX26TPw-UQaVA7xMWVf7JGQkW9NoJDE_M7uW6Ks3LgD3cBXrEI0wk-bUvJv7Ym_fNw9-cMMfl3EB23U2ZRS-zKhxm1uej0Q1SXI8HMTmCgpBjKcO9QU6VhIXg61MGDmfXbgzax187gYGsaqDUWJa2DumDTi3tF7NKLxclI049DHTCd_yRTfPkCfHxyv1j4Ws5hyjxYkdy5LZqNKcB73qKRcNMmGUls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOydXVYASZPOwM_Xgx_AP58il0AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QZ1_AETdkrhzfclfKtbKewy0r-RCp7BpvyMlkU_csQRrxdUDwH8E5pDKQ7TsAkd2siBzxGXfLm4Cbw2KMNbzpFChu4IHYditfQ7NDCXpo4trBmjfo0wrlgJNJ6Ev6V8dFa9d1WQccCko_PaH25bvM6qy9XC9Owywc7eqrp4nCbUdre9_F1X8QT5cjJ1K7EauXK0O12VMBMxs2JhUNtS59tfgFuWpTR9APCRFBqOtc5UDpgCxa3AJlp3WiXfA7I0opOnBdsHpcSM5oE1PnlDv9hSqJN6CTO4WoTL78AkT_NlLh_kpdQh1W-xQ_S7TUdM18V0tJcGwsaDzi7uqrMuDiJ8Rn4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ZxzDPY8B0zZOaUZ2Q4TddrRDzCg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
ac7893b03956fae168dea35abf52a62ebd93953e78d024d74dcd05a3aef9c518
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=1209600
content-length
23774
expires
Wed, 22 Mar 2023 08:41:00 GMT
img
imageproxy.eu.criteo.net/img/ Frame BFE8 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F584c6cd6-2cf7-481a-902c-ec495299f5c3_3771d9e6-31ca-4d3f-b847-7d95ac778449.jpg%2F1280x960.jpg&v=3&w=400&s=bPLaBLx2Jnqw3G2onnZRt7g4&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVQAM2HMIEfB1AAlkZ_9xwddT7hYBjNkCew&u=%7CtL5M0cBJr6hUM1OTb3nul9t2gLQ456%2FJKMSvvDk%2FLl4%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-AX3ZVsQJGtw57CEIsnB4xvtzisV2IamoyYEv1G_xfosXphBmvyyeWyLHYscSWQnlN-n8ol_-8rBJfNE9hQ7t8p6M-wzoRjP6MI1XytYNZGZcpQbBu1mDk019XTpzxA0F3xm_LOZiIVwdvebgqO5IebWmPwZ7gwyhp9Oje4AYyrbnKfyGeLRyR3-B5qYHoHy-L5ul2timwYyhI0n_Ar_x-1a5Ps_hL8WZL_sjIy8ZX6eILr-Z_M614usVHFhEJMcAkPrRvWkmnyFe4yJ-vPn6A0CPBKO84wVDG7RvouXE_5fcPZ0eUr0Kn3mWEcReZsyrE4GXr3YSJTKaDEAOA_e-BbjYvTKZ1uzwHtBOX26TPw-UQaVA7xMWVf7JGQkW9NoJDE_M7uW6Ks3LgD3cBXrEI0wk-bUvJv7Ym_fNw9-cMMfl3EB23U2ZRS-zKhxm1uej0Q1SXI8HMTmCgpBjKcO9QU6VhIXg61MGDmfXbgzax187gYGsaqDUWJa2DumDTi3tF7NKLxclI049DHTCd_yRTfPkCfHxyv1j4Ws5hyjxYkdy5LZqNKcB73qKRcNMmGUls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOydXVYASZPOwM_Xgx_AP58il0AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QZ1_AETdkrhzfclfKtbKewy0r-RCp7BpvyMlkU_csQRrxdUDwH8E5pDKQ7TsAkd2siBzxGXfLm4Cbw2KMNbzpFChu4IHYditfQ7NDCXpo4trBmjfo0wrlgJNJ6Ev6V8dFa9d1WQccCko_PaH25bvM6qy9XC9Owywc7eqrp4nCbUdre9_F1X8QT5cjJ1K7EauXK0O12VMBMxs2JhUNtS59tfgFuWpTR9APCRFBqOtc5UDpgCxa3AJlp3WiXfA7I0opOnBdsHpcSM5oE1PnlDv9hSqJN6CTO4WoTL78AkT_NlLh_kpdQh1W-xQ_S7TUdM18V0tJcGwsaDzi7uqrMuDiJ8Rn4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ZxzDPY8B0zZOaUZ2Q4TddrRDzCg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
7e4e0a17a11f8e0006e161e4a387358f2919f2d6868829f07484808d483998df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=1209600
content-length
37608
expires
Thu, 23 Mar 2023 01:56:05 GMT
img
imageproxy.eu.criteo.net/img/ Frame BFE8 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fd891ed8f-77ea-4f52-b159-55cd6d5cb8f2_90233b37-66b3-4c33-a120-938010bd201a.jpg%2F1280x960.jpg&v=3&w=400&s=aRNO7DPQV1_vHvW9NvdOr7EI&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVQAM2HMIEfB1AAlkZ_9xwddT7hYBjNkCew&u=%7CtL5M0cBJr6hUM1OTb3nul9t2gLQ456%2FJKMSvvDk%2FLl4%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-AX3ZVsQJGtw57CEIsnB4xvtzisV2IamoyYEv1G_xfosXphBmvyyeWyLHYscSWQnlN-n8ol_-8rBJfNE9hQ7t8p6M-wzoRjP6MI1XytYNZGZcpQbBu1mDk019XTpzxA0F3xm_LOZiIVwdvebgqO5IebWmPwZ7gwyhp9Oje4AYyrbnKfyGeLRyR3-B5qYHoHy-L5ul2timwYyhI0n_Ar_x-1a5Ps_hL8WZL_sjIy8ZX6eILr-Z_M614usVHFhEJMcAkPrRvWkmnyFe4yJ-vPn6A0CPBKO84wVDG7RvouXE_5fcPZ0eUr0Kn3mWEcReZsyrE4GXr3YSJTKaDEAOA_e-BbjYvTKZ1uzwHtBOX26TPw-UQaVA7xMWVf7JGQkW9NoJDE_M7uW6Ks3LgD3cBXrEI0wk-bUvJv7Ym_fNw9-cMMfl3EB23U2ZRS-zKhxm1uej0Q1SXI8HMTmCgpBjKcO9QU6VhIXg61MGDmfXbgzax187gYGsaqDUWJa2DumDTi3tF7NKLxclI049DHTCd_yRTfPkCfHxyv1j4Ws5hyjxYkdy5LZqNKcB73qKRcNMmGUls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOydXVYASZPOwM_Xgx_AP58il0AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QZ1_AETdkrhzfclfKtbKewy0r-RCp7BpvyMlkU_csQRrxdUDwH8E5pDKQ7TsAkd2siBzxGXfLm4Cbw2KMNbzpFChu4IHYditfQ7NDCXpo4trBmjfo0wrlgJNJ6Ev6V8dFa9d1WQccCko_PaH25bvM6qy9XC9Owywc7eqrp4nCbUdre9_F1X8QT5cjJ1K7EauXK0O12VMBMxs2JhUNtS59tfgFuWpTR9APCRFBqOtc5UDpgCxa3AJlp3WiXfA7I0opOnBdsHpcSM5oE1PnlDv9hSqJN6CTO4WoTL78AkT_NlLh_kpdQh1W-xQ_S7TUdM18V0tJcGwsaDzi7uqrMuDiJ8Rn4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ZxzDPY8B0zZOaUZ2Q4TddrRDzCg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
263b4fb33d72825df3bc3233191adc056b33d24b65f6ef874650d28b3c85fe9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=1209600
content-length
17072
expires
Wed, 22 Mar 2023 10:14:16 GMT
img
imageproxy.eu.criteo.net/img/ Frame BFE8 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F220429%2F6a0067bf4afe49a0a7c182dac5a60db1_img_square_1.png&v=3&w=1200&s=LCf7rix-_tcdCgtoDKSCgzeJ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVQAM2HMIEfB1AAlkZ_9xwddT7hYBjNkCew&u=%7CtL5M0cBJr6hUM1OTb3nul9t2gLQ456%2FJKMSvvDk%2FLl4%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-AX3ZVsQJGtw57CEIsnB4xvtzisV2IamoyYEv1G_xfosXphBmvyyeWyLHYscSWQnlN-n8ol_-8rBJfNE9hQ7t8p6M-wzoRjP6MI1XytYNZGZcpQbBu1mDk019XTpzxA0F3xm_LOZiIVwdvebgqO5IebWmPwZ7gwyhp9Oje4AYyrbnKfyGeLRyR3-B5qYHoHy-L5ul2timwYyhI0n_Ar_x-1a5Ps_hL8WZL_sjIy8ZX6eILr-Z_M614usVHFhEJMcAkPrRvWkmnyFe4yJ-vPn6A0CPBKO84wVDG7RvouXE_5fcPZ0eUr0Kn3mWEcReZsyrE4GXr3YSJTKaDEAOA_e-BbjYvTKZ1uzwHtBOX26TPw-UQaVA7xMWVf7JGQkW9NoJDE_M7uW6Ks3LgD3cBXrEI0wk-bUvJv7Ym_fNw9-cMMfl3EB23U2ZRS-zKhxm1uej0Q1SXI8HMTmCgpBjKcO9QU6VhIXg61MGDmfXbgzax187gYGsaqDUWJa2DumDTi3tF7NKLxclI049DHTCd_yRTfPkCfHxyv1j4Ws5hyjxYkdy5LZqNKcB73qKRcNMmGUls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOydXVYASZPOwM_Xgx_AP58il0AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QZ1_AETdkrhzfclfKtbKewy0r-RCp7BpvyMlkU_csQRrxdUDwH8E5pDKQ7TsAkd2siBzxGXfLm4Cbw2KMNbzpFChu4IHYditfQ7NDCXpo4trBmjfo0wrlgJNJ6Ev6V8dFa9d1WQccCko_PaH25bvM6qy9XC9Owywc7eqrp4nCbUdre9_F1X8QT5cjJ1K7EauXK0O12VMBMxs2JhUNtS59tfgFuWpTR9APCRFBqOtc5UDpgCxa3AJlp3WiXfA7I0opOnBdsHpcSM5oE1PnlDv9hSqJN6CTO4WoTL78AkT_NlLh_kpdQh1W-xQ_S7TUdM18V0tJcGwsaDzi7uqrMuDiJ8Rn4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ZxzDPY8B0zZOaUZ2Q4TddrRDzCg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
053a545a2651da3eb3900d00bf4d2a71cd6963612e64bfac036ba55554b2672b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
136144
expires
Sun, 25 Feb 2024 14:50:22 GMT
all
csm.eu.criteo.net/ Frame BFE8 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=b34X4ZbAYzd9tt7luo2V7jaNB7LzZLJ6jJOPcYajF_aEVmghjfKcG_GSxlR5UCuTVZYXKWJFnm2fHqOxFwWT5Ll2lh6fRX6MCBZoiTB2jW6Ei7E4O8ije1f_Za7rk2zI7EVfEw6aEjvbLIH8wuf9iOf1DZmHZ_VITBNnxr29_qKmOth2RPg8GtApSyABMQhZczDkcl0w6gqH2xeZyJd8du4yradHZL6Lrvk3fqmOfppk8nkPilTH9JgEkcyiEwFYeR7XYA&sds=2&rev=85089&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVQAM2HMIEfB1AAlkZ_9xwddT7hYBjNkCew&u=%7CtL5M0cBJr6hUM1OTb3nul9t2gLQ456%2FJKMSvvDk%2FLl4%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-AX3ZVsQJGtw57CEIsnB4xvtzisV2IamoyYEv1G_xfosXphBmvyyeWyLHYscSWQnlN-n8ol_-8rBJfNE9hQ7t8p6M-wzoRjP6MI1XytYNZGZcpQbBu1mDk019XTpzxA0F3xm_LOZiIVwdvebgqO5IebWmPwZ7gwyhp9Oje4AYyrbnKfyGeLRyR3-B5qYHoHy-L5ul2timwYyhI0n_Ar_x-1a5Ps_hL8WZL_sjIy8ZX6eILr-Z_M614usVHFhEJMcAkPrRvWkmnyFe4yJ-vPn6A0CPBKO84wVDG7RvouXE_5fcPZ0eUr0Kn3mWEcReZsyrE4GXr3YSJTKaDEAOA_e-BbjYvTKZ1uzwHtBOX26TPw-UQaVA7xMWVf7JGQkW9NoJDE_M7uW6Ks3LgD3cBXrEI0wk-bUvJv7Ym_fNw9-cMMfl3EB23U2ZRS-zKhxm1uej0Q1SXI8HMTmCgpBjKcO9QU6VhIXg61MGDmfXbgzax187gYGsaqDUWJa2DumDTi3tF7NKLxclI049DHTCd_yRTfPkCfHxyv1j4Ws5hyjxYkdy5LZqNKcB73qKRcNMmGUls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOydXVYASZPOwM_Xgx_AP58il0AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QZ1_AETdkrhzfclfKtbKewy0r-RCp7BpvyMlkU_csQRrxdUDwH8E5pDKQ7TsAkd2siBzxGXfLm4Cbw2KMNbzpFChu4IHYditfQ7NDCXpo4trBmjfo0wrlgJNJ6Ev6V8dFa9d1WQccCko_PaH25bvM6qy9XC9Owywc7eqrp4nCbUdre9_F1X8QT5cjJ1K7EauXK0O12VMBMxs2JhUNtS59tfgFuWpTR9APCRFBqOtc5UDpgCxa3AJlp3WiXfA7I0opOnBdsHpcSM5oE1PnlDv9hSqJN6CTO4WoTL78AkT_NlLh_kpdQh1W-xQ_S7TUdM18V0tJcGwsaDzi7uqrMuDiJ8Rn4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ZxzDPY8B0zZOaUZ2Q4TddrRDzCg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 16 Mar 2023 02:35:01 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BFE8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVQAM2HMIEfB1AAlkZ_9xwddT7hYBjNkCew&u=%7CtL5M0cBJr6hUM1OTb3nul9t2gLQ456%2FJKMSvvDk%2FLl4%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-AX3ZVsQJGtw57CEIsnB4xvtzisV2IamoyYEv1G_xfosXphBmvyyeWyLHYscSWQnlN-n8ol_-8rBJfNE9hQ7t8p6M-wzoRjP6MI1XytYNZGZcpQbBu1mDk019XTpzxA0F3xm_LOZiIVwdvebgqO5IebWmPwZ7gwyhp9Oje4AYyrbnKfyGeLRyR3-B5qYHoHy-L5ul2timwYyhI0n_Ar_x-1a5Ps_hL8WZL_sjIy8ZX6eILr-Z_M614usVHFhEJMcAkPrRvWkmnyFe4yJ-vPn6A0CPBKO84wVDG7RvouXE_5fcPZ0eUr0Kn3mWEcReZsyrE4GXr3YSJTKaDEAOA_e-BbjYvTKZ1uzwHtBOX26TPw-UQaVA7xMWVf7JGQkW9NoJDE_M7uW6Ks3LgD3cBXrEI0wk-bUvJv7Ym_fNw9-cMMfl3EB23U2ZRS-zKhxm1uej0Q1SXI8HMTmCgpBjKcO9QU6VhIXg61MGDmfXbgzax187gYGsaqDUWJa2DumDTi3tF7NKLxclI049DHTCd_yRTfPkCfHxyv1j4Ws5hyjxYkdy5LZqNKcB73qKRcNMmGUls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOydXVYASZPOwM_Xgx_AP58il0AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QZ1_AETdkrhzfclfKtbKewy0r-RCp7BpvyMlkU_csQRrxdUDwH8E5pDKQ7TsAkd2siBzxGXfLm4Cbw2KMNbzpFChu4IHYditfQ7NDCXpo4trBmjfo0wrlgJNJ6Ev6V8dFa9d1WQccCko_PaH25bvM6qy9XC9Owywc7eqrp4nCbUdre9_F1X8QT5cjJ1K7EauXK0O12VMBMxs2JhUNtS59tfgFuWpTR9APCRFBqOtc5UDpgCxa3AJlp3WiXfA7I0opOnBdsHpcSM5oE1PnlDv9hSqJN6CTO4WoTL78AkT_NlLh_kpdQh1W-xQ_S7TUdM18V0tJcGwsaDzi7uqrMuDiJ8Rn4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ZxzDPY8B0zZOaUZ2Q4TddrRDzCg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Mar 2024 02:35:02 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame BFE8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBKAVQAM2HMIEfB1AAlkZ_9xwddT7hYBjNkCew&u=%7CtL5M0cBJr6hUM1OTb3nul9t2gLQ456%2FJKMSvvDk%2FLl4%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-AX3ZVsQJGtw57CEIsnB4xvtzisV2IamoyYEv1G_xfosXphBmvyyeWyLHYscSWQnlN-n8ol_-8rBJfNE9hQ7t8p6M-wzoRjP6MI1XytYNZGZcpQbBu1mDk019XTpzxA0F3xm_LOZiIVwdvebgqO5IebWmPwZ7gwyhp9Oje4AYyrbnKfyGeLRyR3-B5qYHoHy-L5ul2timwYyhI0n_Ar_x-1a5Ps_hL8WZL_sjIy8ZX6eILr-Z_M614usVHFhEJMcAkPrRvWkmnyFe4yJ-vPn6A0CPBKO84wVDG7RvouXE_5fcPZ0eUr0Kn3mWEcReZsyrE4GXr3YSJTKaDEAOA_e-BbjYvTKZ1uzwHtBOX26TPw-UQaVA7xMWVf7JGQkW9NoJDE_M7uW6Ks3LgD3cBXrEI0wk-bUvJv7Ym_fNw9-cMMfl3EB23U2ZRS-zKhxm1uej0Q1SXI8HMTmCgpBjKcO9QU6VhIXg61MGDmfXbgzax187gYGsaqDUWJa2DumDTi3tF7NKLxclI049DHTCd_yRTfPkCfHxyv1j4Ws5hyjxYkdy5LZqNKcB73qKRcNMmGUls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOydXVYASZPOwM_Xgx_AP58il0AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QZ1_AETdkrhzfclfKtbKewy0r-RCp7BpvyMlkU_csQRrxdUDwH8E5pDKQ7TsAkd2siBzxGXfLm4Cbw2KMNbzpFChu4IHYditfQ7NDCXpo4trBmjfo0wrlgJNJ6Ev6V8dFa9d1WQccCko_PaH25bvM6qy9XC9Owywc7eqrp4nCbUdre9_F1X8QT5cjJ1K7EauXK0O12VMBMxs2JhUNtS59tfgFuWpTR9APCRFBqOtc5UDpgCxa3AJlp3WiXfA7I0opOnBdsHpcSM5oE1PnlDv9hSqJN6CTO4WoTL78AkT_NlLh_kpdQh1W-xQ_S7TUdM18V0tJcGwsaDzi7uqrMuDiJ8Rn4AQBgAaDlJjj1KzUrV2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ZxzDPY8B0zZOaUZ2Q4TddrRDzCg%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Mar 2024 02:35:02 GMT
adunitMapping
webservices.webspectator.com/ Frame 106F 		727 B
767 B 		Script
General
Check archive.org
Download Go to
Full URL
https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%7D&w=970&h=250&wsRotSlot=&isda=1
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.192.67.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-67-210.compute-1.amazonaws.com
Software
WildFly/10 / Undertow/1
Resource Hash
73e0c7f304816b1d77d0fbd325454d51414e2fbb612da76cd4fc307ecbdec85d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:02 GMT
Content-Encoding
gzip
Server
WildFly/10
X-Powered-By
Undertow/1
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
X-NoCache
true
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame A7D1 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C196439%2C321735&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2C3qjcpf4fVbD3f7HrHAtEtMAbQaPSWTKKMsg2Y3&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2CWPefrfdfVrKWfYH5HjtDCEP1qt3SETVVmU9Q8W&c=120&d=600&e=&g=869f10d2fd16e15a18b2b3676b17bd38%2F15749568168597614057&i=26474%2C25174%2C110819&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934102297&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jy1z1n2g71jdkm05axvscd31wzx33vbmt1hb5g2f17s232h860htthpjwjfb9v7msbt2qpvrjkjtgcvrx4r412qkcdm2n247vbs83pxt0p11j7mgtrjvaxr38bkacjn4g8sc21ahqzae1g0bxbzmtng5k78g30bd721r7yzkvdvnh3sht53w1812ab08f3p8rtgx49tayr11m62y8m9qnqqkmbpm2rk0pbtnmc5sh19erqw8gxcsm9nb9j4187jj44mp3shj2p1wcebrgxpkj2j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIcIfVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSFAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4DZCvNRDVBBNl0ze5aqPSaoUEB0mckcXlJVuwKFcJOvL-fEPOVmT57nteAEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-Or66cd7sSfL0C0ihoipdMfswLQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=15573%2C196439%2C321735&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2C3qjcpf4fVbD3f7HrHAtEtMAbQaPSWTKKMsg2Y3&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2CWPefrfdfVrKWfYH5HjtDCEP1qt3SETVVmU9Q8W&c=120&d=600&e=&g=869f10d2fd16e15a18b2b3676b17bd38%2F15749568168597614057&i=26474%2C25174%2C110819&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934102297&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jy1z1n2g71jdkm05axvscd31wzx33vbmt1hb5g2f17s232h860htthpjwjfb9v7msbt2qpvrjkjtgcvrx4r412qkcdm2n247vbs83pxt0p11j7mgtrjvaxr38bkacjn4g8sc21ahqzae1g0bxbzmtng5k78g30bd721r7yzkvdvnh3sht53w1812ab08f3p8rtgx49tayr11m62y8m9qnqqkmbpm2rk0pbtnmc5sh19erqw8gxcsm9nb9j4187jj44mp3shj2p1wcebrgxpkj2j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIcIfVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSFAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4DZCvNRDVBBNl0ze5aqPSaoUEB0mckcXlJVuwKFcJOvL-fEPOVmT57nteAEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-Or66cd7sSfL0C0ihoipdMfswLQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1677666448
age
57690
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 10:28:06 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1677666486645030
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAAB10F6r%2BgbaPbYca45v%2FeyJxFZGOXAPPFeGQPgXksH5SsJcQIl2JZ1Js7499W410sqb%2B3aQyv3Ns3%2F9Q9th3v8gzv1y6zZiuRUPNDFYcYMn8pf5mjxvzzshK0IXQs0bO5MnqFcME8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7a8999bc5bd49213-FRA
expires
Thu, 16 Mar 2023 03:35:02 GMT
E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame A7D1 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C196439%2C321735&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2C3qjcpf4fVbD3f7HrHAtEtMAbQaPSWTKKMsg2Y3&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2CWPefrfdfVrKWfYH5HjtDCEP1qt3SETVVmU9Q8W&c=120&d=600&e=&g=869f10d2fd16e15a18b2b3676b17bd38%2F15749568168597614057&i=26474%2C25174%2C110819&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934102297&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jy1z1n2g71jdkm05axvscd31wzx33vbmt1hb5g2f17s232h860htthpjwjfb9v7msbt2qpvrjkjtgcvrx4r412qkcdm2n247vbs83pxt0p11j7mgtrjvaxr38bkacjn4g8sc21ahqzae1g0bxbzmtng5k78g30bd721r7yzkvdvnh3sht53w1812ab08f3p8rtgx49tayr11m62y8m9qnqqkmbpm2rk0pbtnmc5sh19erqw8gxcsm9nb9j4187jj44mp3shj2p1wcebrgxpkj2j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIcIfVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSFAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4DZCvNRDVBBNl0ze5aqPSaoUEB0mckcXlJVuwKFcJOvL-fEPOVmT57nteAEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-Or66cd7sSfL0C0ihoipdMfswLQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2351183
cf-polished
qual=85, origFmt=jpeg, origSize=58124
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9782
cf-bgj
imgq:85,h2pri
last-modified
Fri, 08 Jul 2022 10:19:52 GMT
server
cloudflare
etag
"b4342e277c43aad9c5020a04564bfd1e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZWExBAaiOrmuW%2FnLvew3k%2FwauInp28s364LwHsW1vpoHYfROQ%2FsfFSpAGXzUEA0%2F0zrC0jghQ4eFHDp2fZIKiWhGbxDdUcnFXf%2B%2BOnbcaODSEzfLxtwCOf150CJQaVcmS5fOgfdvNoj3wws"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999bc5bd79213-FRA
expires
Fri, 17 Mar 2023 02:35:02 GMT
7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
assets.ad4m.at/product_image/ Frame A7D1 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C196439%2C321735&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2C3qjcpf4fVbD3f7HrHAtEtMAbQaPSWTKKMsg2Y3&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2CWPefrfdfVrKWfYH5HjtDCEP1qt3SETVVmU9Q8W&c=120&d=600&e=&g=869f10d2fd16e15a18b2b3676b17bd38%2F15749568168597614057&i=26474%2C25174%2C110819&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934102297&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jy1z1n2g71jdkm05axvscd31wzx33vbmt1hb5g2f17s232h860htthpjwjfb9v7msbt2qpvrjkjtgcvrx4r412qkcdm2n247vbs83pxt0p11j7mgtrjvaxr38bkacjn4g8sc21ahqzae1g0bxbzmtng5k78g30bd721r7yzkvdvnh3sht53w1812ab08f3p8rtgx49tayr11m62y8m9qnqqkmbpm2rk0pbtnmc5sh19erqw8gxcsm9nb9j4187jj44mp3shj2p1wcebrgxpkj2j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIcIfVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSFAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4DZCvNRDVBBNl0ze5aqPSaoUEB0mckcXlJVuwKFcJOvL-fEPOVmT57nteAEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-Or66cd7sSfL0C0ihoipdMfswLQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a7f4c8a9af17cac4c92d0fad28e07cc781825be9dd19da205c028b2a49e634a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1332690
cf-polished
qual=85, origFmt=jpeg, origSize=128978
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
52014
cf-bgj
imgq:85,h2pri
last-modified
Tue, 31 May 2022 12:16:42 GMT
server
cloudflare
etag
"aa8c145ca1b6cb2be4e511f8f6f2685d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jlezsddSsIh4fzy1qwuDvGXIh4vpehtOb56DkwbVPYyssmGDA0a%2FBWLeNxKxhytWRPPa1raMFV4c%2BrLzlrRshUoWqjj7Qkj2zPBehYShfcYpB62YT8l2HGYHlxsv%2FR6vttBPdJkD5upmFA5R"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999bc7be29213-FRA
expires
Fri, 17 Mar 2023 02:35:02 GMT
view.aspx
pb.media01.eu/ Frame A7D1
Redirect Chain
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=98174...
0
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=981741&produktid=&dt_url=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C196439%2C321735&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2C3qjcpf4fVbD3f7HrHAtEtMAbQaPSWTKKMsg2Y3&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2CWPefrfdfVrKWfYH5HjtDCEP1qt3SETVVmU9Q8W&c=120&d=600&e=&g=869f10d2fd16e15a18b2b3676b17bd38%2F15749568168597614057&i=26474%2C25174%2C110819&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934102297&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jy1z1n2g71jdkm05axvscd31wzx33vbmt1hb5g2f17s232h860htthpjwjfb9v7msbt2qpvrjkjtgcvrx4r412qkcdm2n247vbs83pxt0p11j7mgtrjvaxr38bkacjn4g8sc21ahqzae1g0bxbzmtng5k78g30bd721r7yzkvdvnh3sht53w1812ab08f3p8rtgx49tayr11m62y8m9qnqqkmbpm2rk0pbtnmc5sh19erqw8gxcsm9nb9j4187jj44mp3shj2p1wcebrgxpkj2j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIcIfVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSFAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4DZCvNRDVBBNl0ze5aqPSaoUEB0mckcXlJVuwKFcJOvL-fEPOVmT57nteAEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-Or66cd7sSfL0C0ihoipdMfswLQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
88.198.250.30 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:01 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 16 Mar 2023 03:35:02 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET,POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 16 Mar 2023 02:35:02 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59B8D:CA32_91EFC182:01BB_64128056_F063E98:C02C
X-IPLB-Instance
40028
Content-Type
application/javascript
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=981741&produktid=&dt_url=
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame A7D1 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C196439%2C321735&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2C3qjcpf4fVbD3f7HrHAtEtMAbQaPSWTKKMsg2Y3&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2CWPefrfdfVrKWfYH5HjtDCEP1qt3SETVVmU9Q8W&c=120&d=600&e=&g=869f10d2fd16e15a18b2b3676b17bd38%2F15749568168597614057&i=26474%2C25174%2C110819&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934102297&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jy1z1n2g71jdkm05axvscd31wzx33vbmt1hb5g2f17s232h860htthpjwjfb9v7msbt2qpvrjkjtgcvrx4r412qkcdm2n247vbs83pxt0p11j7mgtrjvaxr38bkacjn4g8sc21ahqzae1g0bxbzmtng5k78g30bd721r7yzkvdvnh3sht53w1812ab08f3p8rtgx49tayr11m62y8m9qnqqkmbpm2rk0pbtnmc5sh19erqw8gxcsm9nb9j4187jj44mp3shj2p1wcebrgxpkj2j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIcIfVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSFAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4DZCvNRDVBBNl0ze5aqPSaoUEB0mckcXlJVuwKFcJOvL-fEPOVmT57nteAEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-Or66cd7sSfL0C0ihoipdMfswLQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1724250
cf-polished
qual=85, origFmt=jpeg, origSize=16723
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8354
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RStPi3fn6J%2FoXWwAWbi7INVNT69N%2B%2F93eRJP5PssLyV09F0h26bue3k67QtinspAEJXWalRCH%2BbsdfJc3A7Zqg4SPd3B8rDdlERburwYedDJySZob5xoFywhEAsX%2F5SZtt92sWfjrhS82f%2Bb"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999bc7be39213-FRA
expires
Fri, 17 Mar 2023 02:35:02 GMT
96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
assets.ad4m.at/product_image/ Frame A7D1 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C196439%2C321735&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2C3qjcpf4fVbD3f7HrHAtEtMAbQaPSWTKKMsg2Y3&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2CWPefrfdfVrKWfYH5HjtDCEP1qt3SETVVmU9Q8W&c=120&d=600&e=&g=869f10d2fd16e15a18b2b3676b17bd38%2F15749568168597614057&i=26474%2C25174%2C110819&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934102297&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jy1z1n2g71jdkm05axvscd31wzx33vbmt1hb5g2f17s232h860htthpjwjfb9v7msbt2qpvrjkjtgcvrx4r412qkcdm2n247vbs83pxt0p11j7mgtrjvaxr38bkacjn4g8sc21ahqzae1g0bxbzmtng5k78g30bd721r7yzkvdvnh3sht53w1812ab08f3p8rtgx49tayr11m62y8m9qnqqkmbpm2rk0pbtnmc5sh19erqw8gxcsm9nb9j4187jj44mp3shj2p1wcebrgxpkj2j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIcIfVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSFAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4DZCvNRDVBBNl0ze5aqPSaoUEB0mckcXlJVuwKFcJOvL-fEPOVmT57nteAEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-Or66cd7sSfL0C0ihoipdMfswLQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
426d76224de25de48c22820280fb851e7d9ebc04bfc915b4aec6dfc21821ea37

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2021611
cf-polished
qual=85, origFmt=jpeg, origSize=72345
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44118
cf-bgj
imgq:85,h2pri
last-modified
Tue, 14 Jun 2022 09:41:24 GMT
server
cloudflare
etag
"ed6f7b3b1b04cd5f78cf354be09c981b"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQZ3wj8%2FiDOcJiwWBprkop6qucRoFJYg3K8XQ8elj7iwhVD4rID98dapuUTlG1bppwRD0Kezw5FHxM7VgwRqL%2FwJky7grScLgsA1PEWORQ2wRWIvgWI9CRK6rqqD%2FSBZoQHNPdMa9rQeueWP"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999bc7be49213-FRA
expires
Fri, 17 Mar 2023 02:35:02 GMT
/
banner.congstar.de/cookie/ Frame A7D1
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMvpnva03_0CFd-JgwcdKXMA8w;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wVoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1678934102_278470b0-c3a3-11ed-b339-2265b7c46fb7
0
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1678934102_278470b0-c3a3-11ed-b339-2265b7c46fb7
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C196439%2C321735&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2C3qjcpf4fVbD3f7HrHAtEtMAbQaPSWTKKMsg2Y3&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2CWPefrfdfVrKWfYH5HjtDCEP1qt3SETVVmU9Q8W&c=120&d=600&e=&g=869f10d2fd16e15a18b2b3676b17bd38%2F15749568168597614057&i=26474%2C25174%2C110819&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934102297&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jy1z1n2g71jdkm05axvscd31wzx33vbmt1hb5g2f17s232h860htthpjwjfb9v7msbt2qpvrjkjtgcvrx4r412qkcdm2n247vbs83pxt0p11j7mgtrjvaxr38bkacjn4g8sc21ahqzae1g0bxbzmtng5k78g30bd721r7yzkvdvnh3sht53w1812ab08f3p8rtgx49tayr11m62y8m9qnqqkmbpm2rk0pbtnmc5sh19erqw8gxcsm9nb9j4187jj44mp3shj2p1wcebrgxpkj2j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIcIfVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSFAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4DZCvNRDVBBNl0ze5aqPSaoUEB0mckcXlJVuwKFcJOvL-fEPOVmT57nteAEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-Or66cd7sSfL0C0ihoipdMfswLQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
87.118.116.9 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:02 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Thu, 16 Mar 2023 02:35:02 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1678934102_278470b0-c3a3-11ed-b339-2265b7c46fb7
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
assets.ad4m.at/logo/ Frame A7D1 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C196439%2C321735&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2C3qjcpf4fVbD3f7HrHAtEtMAbQaPSWTKKMsg2Y3&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2CWPefrfdfVrKWfYH5HjtDCEP1qt3SETVVmU9Q8W&c=120&d=600&e=&g=869f10d2fd16e15a18b2b3676b17bd38%2F15749568168597614057&i=26474%2C25174%2C110819&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934102297&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jy1z1n2g71jdkm05axvscd31wzx33vbmt1hb5g2f17s232h860htthpjwjfb9v7msbt2qpvrjkjtgcvrx4r412qkcdm2n247vbs83pxt0p11j7mgtrjvaxr38bkacjn4g8sc21ahqzae1g0bxbzmtng5k78g30bd721r7yzkvdvnh3sht53w1812ab08f3p8rtgx49tayr11m62y8m9qnqqkmbpm2rk0pbtnmc5sh19erqw8gxcsm9nb9j4187jj44mp3shj2p1wcebrgxpkj2j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIcIfVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSFAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4DZCvNRDVBBNl0ze5aqPSaoUEB0mckcXlJVuwKFcJOvL-fEPOVmT57nteAEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-Or66cd7sSfL0C0ihoipdMfswLQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2276799
cf-polished
origFmt=png, origSize=85233
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54280
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 17:18:26 GMT
server
cloudflare
etag
"0bc184d99872986e7c36d6945f607e59"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJfrEw1ODK8Z28lgmekf2isgh%2BW4CN1hlt8yMMKy%2FohRb28kjZaANqkE07PUDPR3ebzPV%2FxFHGJnP7doAqEgeHpjTZt2vkNFqUgw5UT5AIngde3c0Wl9O%2FLsBuyWlXd2nMf9leA%2BlZNSR8uQ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999bc7be59213-FRA
expires
Fri, 17 Mar 2023 02:35:02 GMT
831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
assets.ad4m.at/product_image/ Frame A7D1 		193 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C196439%2C321735&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2C3qjcpf4fVbD3f7HrHAtEtMAbQaPSWTKKMsg2Y3&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2CWPefrfdfVrKWfYH5HjtDCEP1qt3SETVVmU9Q8W&c=120&d=600&e=&g=869f10d2fd16e15a18b2b3676b17bd38%2F15749568168597614057&i=26474%2C25174%2C110819&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934102297&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jy1z1n2g71jdkm05axvscd31wzx33vbmt1hb5g2f17s232h860htthpjwjfb9v7msbt2qpvrjkjtgcvrx4r412qkcdm2n247vbs83pxt0p11j7mgtrjvaxr38bkacjn4g8sc21ahqzae1g0bxbzmtng5k78g30bd721r7yzkvdvnh3sht53w1812ab08f3p8rtgx49tayr11m62y8m9qnqqkmbpm2rk0pbtnmc5sh19erqw8gxcsm9nb9j4187jj44mp3shj2p1wcebrgxpkj2j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIcIfVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSFAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4DZCvNRDVBBNl0ze5aqPSaoUEB0mckcXlJVuwKFcJOvL-fEPOVmT57nteAEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-Or66cd7sSfL0C0ihoipdMfswLQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1478048
cf-polished
origFmt=png, origSize=311499
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
197460
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 17:45:43 GMT
server
cloudflare
etag
"3e47fe2e828ecba46fd7e6ae452966ae"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v2eTY%2FmNanC2NjLkJ00EX1w4lORWpGWHQF0ZCNjztrPcEY%2BnKo8UMst9i7PTqhzaCJ1mXBoUOuK5MIw61%2FLgoQUCw09Lja2tL97Wcu3yeBhA4Qm9RArjBvmNF9u1WhnapcS72m68uiYewzwF"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999bc7be69213-FRA
expires
Fri, 17 Mar 2023 02:35:02 GMT
ws-ad.js
wfpscripts.webspectator.com/ Frame 85ED 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%7D&w=300&h=600&wsRotSlot=&isda=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
container.html
3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 72B7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://istoe.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:34:59 GMT
expires
Fri, 15 Mar 2024 02:34:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
link.html
track.webgains.com/ Frame A7D1 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hnncrvfjr7jjtn3yt47s9srzfa1m02dv73d8gs6n38epv8sh4y6a4asnjn4c87h363b55bbkvnxk7s6p68e7p0gyybj3xwk9ps6aheqk7xm3bn5hr8g77bj093j15mj9nxn3pjfds5fx3p351vy00rcrw5zv6neq3d77qrk26knhxqcvm3d6g4fpe664kfnnh4eqh5ctpqkpa7swazf2671jqv1xb8mncrwvg3p082vqn6yrwvezjevbb6f30v2cqybtpr%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jy1z1n2g71jdkm05axvscd31wzx33vbmt1hb5g2f17s232h860htthpjwjfb9v7msbt2qpvrjkjtgcvrx4r412qkcdm2n247vbs83pxt0p11j7mgtrjvaxr38bkacjn4g8sc21ahqzae1g0bxbzmtng5k78g30bd721r7yzkvdvnh3sht53w1812ab08f3p8rtgx49tayr11m62y8m9qnqqkmbpm2rk0pbtnmc5sh19erqw8gxcsm9nb9j4187jj44mp3shj2p1wcebrgxpkj2j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCIcIfVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSFAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4DZCvNRDVBBNl0ze5aqPSaoUEB0mckcXlJVuwKFcJOvL-fEPOVmT57nteAEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1-Or66cd7sSfL0C0ihoipdMfswLQ%252526client%25253Dca-pub-4663753467999594%252526adurl%25253D&clickref=oneidWPefrfdfVrKWfYH5HjtDCEP1qt3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fVbD3f7HrHAtEtMAbQaPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C196439%2C321735&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2C3qjcpf4fVbD3f7HrHAtEtMAbQaPSWTKKMsg2Y3&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2CWPefrfdfVrKWfYH5HjtDCEP1qt3SETVVmU9Q8W&c=120&d=600&e=&g=869f10d2fd16e15a18b2b3676b17bd38%2F15749568168597614057&i=26474%2C25174%2C110819&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934102297&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jy1z1n2g71jdkm05axvscd31wzx33vbmt1hb5g2f17s232h860htthpjwjfb9v7msbt2qpvrjkjtgcvrx4r412qkcdm2n247vbs83pxt0p11j7mgtrjvaxr38bkacjn4g8sc21ahqzae1g0bxbzmtng5k78g30bd721r7yzkvdvnh3sht53w1812ab08f3p8rtgx49tayr11m62y8m9qnqqkmbpm2rk0pbtnmc5sh19erqw8gxcsm9nb9j4187jj44mp3shj2p1wcebrgxpkj2j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIcIfVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSFAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4DZCvNRDVBBNl0ze5aqPSaoUEB0mckcXlJVuwKFcJOvL-fEPOVmT57nteAEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-Or66cd7sSfL0C0ihoipdMfswLQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.110.241 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-110-241.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
5b81c0c3df92018c2a4d26515401d970c93aa91904e690bacb0d924a055b1534

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
last-modified
Thu, 16 Mar 2023 02:35:02 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 16 Mar 2023 02:36:02 GMT
ws-ad.js
wfpscripts.webspectator.com/ Frame 106F 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%7D&w=970&h=250&wsRotSlot=&isda=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:02 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
container.html
3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7207 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://istoe.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:34:59 GMT
expires
Fri, 15 Mar 2024 02:34:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adunitMapping
webservices.webspectator.com/ Frame B74A 		733 B
776 B 		Script
General
Check archive.org
Download Go to
Full URL
https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%22pos%22%3A%5B%223%22%5D%7D&w=728&h=90&wsRotSlot=&isda=1
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.192.67.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-67-210.compute-1.amazonaws.com
Software
WildFly/10 / Undertow/1
Resource Hash
fce31aed37d06eadb51d5f1836f7ceef2d2a0a5dc6dd5147b46cd29d625bcf32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:02 GMT
Content-Encoding
gzip
Server
WildFly/10
X-Powered-By
Undertow/1
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
X-NoCache
true
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 GMT
denakop.js
tags.denakop.com/10076/ 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.denakop.com/10076/denakop.js
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:160e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
33e641b70f94e67b49344aab4b9cf588c390e616c40f002eb3cc485e3c4dfc26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 15 Mar 2023 15:07:19 GMT
server
cloudflare
age
3167
etag
W/"6411df27-b704"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
7a8999c0fa2a9052-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adview
securepubads.g.doubleclick.net/pagead/ Frame 72B7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CGVBoVoASZPHNA6zHx_APrJee-AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoE_QFP0K-bFVbdti8XsUr0ZV5Yr66sXCp57Dtpc6TqSzxMVHTg1VLEHk0ETeXxmK4mnTOycMA1pLE3fnnPd-TroSxasfGhGrDgs8RXwt3xpd_vjD6qH4QhYyMKB6me7mxmpFLn9ToUmv2zwU70xn6Zx_4IL_m7BlRr5zOcngVhO3sMU5Gnui52Gg6t2_AQbZr0GNdul7WHuyE2_K52bmzaF1a9BsPEf0U2Ff2touLkkrA8x_WEsBZqJr_w2kGuaVyOwofbowzsKMPqkOYOUPo1dIs2AU0p5OPx3NRhg_xDPLEl-9ik1GaNG79QkUHe4OEyzh-S_yVk8lHmYnq7PajQ4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NjYzNzUzNDY3OTk5NTk0GIewDg&sigh=_1KuKfLQLyo&uach_m=[UACH]&cid=CAQSPADUE5ymLIxcQUqqyp38Ozbno3rOS1q0leW-hc1ZPC6vIrS4A5GCognAUnDXazY_lK77mfZY4La1qOLyvBgB
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 72B7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1g0gv92q70t15avfjj13b93r1erhymwy6fh5jth9hsa2p8zt0mknjprkcbp6fyvbkt5wtg7dzhhec6vnca3kvhd4n4wx2mkjm7hgvgv116se07n43b4jvrepdhyq737x4pcvwrt95e1sma2hk8h07e9345kbvt8gehvjrtata3k1h9tayv7m8m7jw5nrs7a2s6nn04pkxt2cmt09m9pbvwg28d9k3x7ma475f3t3kv63kgd29fnz51nzsxh8aqnx0z3yppz1dfdqm5pwj1891eyn8yy26bdc04ttkcr4maaf2h7bmq6ejg8rnmxggnvhz0ctf5tnepnqn1fmcvf53atp9nemnyy40s9remvjabxwek37d1c9zqymgxwcrmpn2xwa4qy7dp49nb8&b=ZBKAVgAA5vEIEeOsAAeLrG4PE1PznUjVix7UtA
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Mar 2023 02:35:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame B5BF 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gtm31qmgeard06krq87cknyrwzmm4hjtst03z0sk7nb1hf3ebnnhz77v291mcbsk3r5z7dpyr8jwnd8f7w86bypffrqgecawbvvemrnwhtedcdsk8t1we9m69xcvf041vv85qw1jqcf88cs8f32kfmjpd55s0fy6mtsrzfan6p7kd6fjp3c1ar602smerww8q1cf5mqe7vp8441v1q232yx3zdht4733dyj2csr10vph09ahdjw2xbdw3q4cvrw27cmd4sbw8z854mk86tty3by68vkadm6d97hss96rfggbn6g08348q7e5rw8v7mjy4szafhj9yn8txt077k3ebhzwfs0zgkgnmcdfjttvp2gf8w6epxvrpatgweqjaept7rr6zvp44sm7zsr6nsy2tetvrf72rmp4g3ew2saqawem10tn1bv7asz6w936c0d76gws5nn&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8NDHVoASZPHNA6zHx_APrJee-AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEgAJP0K-bFVbdti8XsUr0ZV5Yr66sXCp57Dtpc6TqSzxMVHTg1VLEHk0ETeXxmK4mnTOycMA1pLE3fnnPd-TroSxasfGhGrDgs8RXwt3xpd_vjD6qH4QhYyMKB6me7mxmpFLn9ToUmv2zwU70xn6Zx_4IL_m7BlRr5zOcngVhO3sMU5Gnui52Gg6t2_AQbZr0GNdul7WHuyE2_K52bmzaF1a9BsPEf0U2Ff2touLkkrA8x_WEsBZqJr_w2kGuaVyOwofbowzsKMPqkOYOUPo1dIs2AU0p5OPx3JZjom6UxTZlM1_sQrzEiU1phUtz6s8qE59QtrecZk_Keq9nougYFgON4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2xgkY2wtJNXXK1WyWe-SzTrqvKdQ%26client%3Dca-pub-4663753467999594%26adurl%3D
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fbcc160f737bcd31d3edd8068ccc84a19ebcc11217571d31a78e3936e921898
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a8999bfbd6a9213-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:35:03 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 72B7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 22:31:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
14633
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Mar 2023 22:31:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DCBB 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51102
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Mar 2023 12:23:21 GMT
etag
48472445140208031
expires
Thu, 16 Mar 2023 12:23:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 72B7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9161954861bb1fd7d5044d99f9ce04137b3836979ce8c5c75d224642f57c3f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 18:10:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
30271
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8559
x-xss-protection
0
server
cafe
etag
11326455550778179109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Mar 2023 18:10:32 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 72B7 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 10:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
575014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 08 Mar 2024 10:51:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 72B7 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Mar 2023 02:35:03 GMT
container.html
3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7387 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://istoe.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:34:59 GMT
expires
Fri, 15 Mar 2024 02:34:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sync
app.retargetly.com/ Frame 0452 		68 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?sid=3c146412-8055-4a00-966b-ee3f29a568d0&pid=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:118d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
7a8999bfe9b49a0f-FRA
expires
0
img
pixel.mathtag.com/misc/ Frame 0452 		43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mop_seq=1:1&mt_cb=512154&check=3c146412-8055-4a00-966b-ee3f29a568d0&mop_top=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 569 46451a0 master cdg-pixel-x33 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=3c146412-8055-4a00-966b-ee3f29a568d0&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 16 Mar 2023 02:35:03 GMT
Server
MT3 569 46451a0 master cdg-pixel-x33 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Thu, 16 Mar 2023 02:35:02 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7207 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C3b7mVoASZJzNGcT5-gbZi6nIAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSBAk_QFkOhtqSvsB_DXfvZWX3sQhDVRnodOaVg3Qfg3fPkBqFrUUnJvUvgC3FN9-uWr9ZA3TOpGczRZYAsPBz5lGMphZ7GiHBqJ_1q3RiUCGSqJp-hcglevgemtrDuqBfFcWEzHg-CSwyApLBgLSPm__EU2qGF8NtI8txJHYZ2PTGPsdKM-nOqDDnwoy4dQbpHJuWyfvHMpfrI44slqDTajyxY_qm3eWDAvKajiXJBy_gpM51EW5e7OGGag29ZXDBGeU-sr4q8NIR-uXXDCgZlqR5OgfVxpUO_YfyPNwGYtEsla4vf-f5hmwhfYmiv7r6DMKozq1eAlKmvQeMIFd-h_rDZ4AQBgAaS9aHpmoa-1xagBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ2NjM3NTM0Njc5OTk1OTQYh7AO&sigh=_6_GnjNnhmM&uach_m=[UACH]&cid=CAQSPADUE5ymxWUnK5McokHG9w3Klqgx5bLyfrGZXyQfGJj9JcDrMqu-zMbF5xHNh4O0CU4bhwvA-a9W3B6L4xgB
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 7207 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kzhg6bp1x4b17rfgkj4mmr34h2tqx9hs3a9e65bh9akm8z3f4f6dctkss14t8pth8r8dwb0ngb5z9sged85bnpc95dy1q5q02vcjxfqxeczze558ebwbmf12ybxt22c716fckean3by6efq6eqk4p6j38z5zspg2bwaf26s2gxtvr7m8awezmnsfseqc10npc2k6q6rpxb5p1zqzx1q8pm119gts85vsw51av0nt88nzp04ger0gfa8qq9d5v2k85sw6xcj4rt4v5t83zgs8h7xj5340jfvrz1v8ek2vxq1hsarex3x0j3zv7fgh6jdksdg4gbk7x656zfgy99hxgcaqaaszqdy5x6k13djftvyzyjcgt4nafdyzxfggm5dpev6bjg1vymmc7g&b=ZBKAVgAGZpwK3rzEAApF2TKrfeKFhXU8Ex4owg
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Mar 2023 02:35:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 098C 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1h3wecdh5ma6q0qemv8cxymps4abb86ayd0pp8nqwyphdy4tcn64km4xt5a18mfgjwkvhqp7f68eqs6swrm8r2phzncc12x8trtv3fvk02rb5sx1asmmx09rg4e07t292mf5rwzst3da6eezg9qh8z948sk814zdz620p167fj440p8svaexk8zyh3nbsmaf4sqaxeq04hmqtbacsfhz3xtfctrc2yah3wwfrmt0qa0yqej803rtewvj1t8xwnh26ycrg8nbyj0t1vwe0m3855e2m5f7m6qzpfge0xcskwqn3dpp8vggtygh725x75rww94mtvgy81vp4d0wa34vdnk47rtzgzwwm6f9b2yem78ckccqnssc3gz34gm9a5my9fd4mbzwd7b0s7sbtzww7yywk9p3dshp69k6dvrzzb50x1wnmm6stwhghfszdzb9ne2qdawckc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_gMoVoASZJzNGcT5-gbZi6nIAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QFkOhtqSvsB_DXfvZWX3sQhDVRnodOaVg3Qfg3fPkBqFrUUnJvUvgC3FN9-uWr9ZA3TOpGczRZYAsPBz5lGMphZ7GiHBqJ_1q3RiUCGSqJp-hcglevgemtrDuqBfFcWEzHg-CSwyApLBgLSPm__EU2qGF8NtI8txJHYZ2PTGPsdKM-nOqDDnwoy4dQbpHJuWyfvHMpfrI44slqDTajyxY_qm3eWDAvKajiXJBy_gpM51EW5e7OGGag29ZXDBGeU-sr4q8NIR-uXXDCgZlqR5OgfVxpUO_YfyPN0OaldnykgyfMXkpDdIW8JqW-rQuOoQrdtdC3TtX1f0kDQp9YfARI9sS4AQBgAaS9aHpmoa-1xagBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0t_Xs6HrGda2NuAB76qiUuoHAZhQ%26client%3Dca-pub-4663753467999594%26adurl%3D
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b67a79863d8bc6569738b0c35ae9343be7115445225ed500a8ab238787037607
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a8999c0cdd99213-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:35:03 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 7207 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 22:31:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
14633
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Mar 2023 22:31:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 24B3 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51102
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Mar 2023 12:23:21 GMT
etag
48472445140208031
expires
Thu, 16 Mar 2023 12:23:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 7207 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9161954861bb1fd7d5044d99f9ce04137b3836979ce8c5c75d224642f57c3f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 18:10:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
30271
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8559
x-xss-protection
0
server
cafe
etag
11326455550778179109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Mar 2023 18:10:32 GMT
l
www.google.com/ads/measurement/ Frame 7207 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1WivhqUHxDGI0tslufs-pC-y_bhohFXi-Yi_1FU64JVhOBowpUeuXy6xsmEg4seib67H-NKDBqm1_19SFo_zXWA0Piw
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7207 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 10:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
575014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 08 Mar 2024 10:51:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7207 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Mar 2023 02:35:03 GMT
ws-ad.js
wfpscripts.webspectator.com/ Frame B74A 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%22pos%22%3A%5B%223%22%5D%7D&w=728&h=90&wsRotSlot=&isda=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame B5BF 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gtm31qmgeard06krq87cknyrwzmm4hjtst03z0sk7nb1hf3ebnnhz77v291mcbsk3r5z7dpyr8jwnd8f7w86bypffrqgecawbvvemrnwhtedcdsk8t1we9m69xcvf041vv85qw1jqcf88cs8f32kfmjpd55s0fy6mtsrzfan6p7kd6fjp3c1ar602smerww8q1cf5mqe7vp8441v1q232yx3zdht4733dyj2csr10vph09ahdjw2xbdw3q4cvrw27cmd4sbw8z854mk86tty3by68vkadm6d97hss96rfggbn6g08348q7e5rw8v7mjy4szafhj9yn8txt077k3ebhzwfs0zgkgnmcdfjttvp2gf8w6epxvrpatgweqjaept7rr6zvp44sm7zsr6nsy2tetvrf72rmp4g3ew2saqawem10tn1bv7asz6w936c0d76gws5nn&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8NDHVoASZPHNA6zHx_APrJee-AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEgAJP0K-bFVbdti8XsUr0ZV5Yr66sXCp57Dtpc6TqSzxMVHTg1VLEHk0ETeXxmK4mnTOycMA1pLE3fnnPd-TroSxasfGhGrDgs8RXwt3xpd_vjD6qH4QhYyMKB6me7mxmpFLn9ToUmv2zwU70xn6Zx_4IL_m7BlRr5zOcngVhO3sMU5Gnui52Gg6t2_AQbZr0GNdul7WHuyE2_K52bmzaF1a9BsPEf0U2Ff2touLkkrA8x_WEsBZqJr_w2kGuaVyOwofbowzsKMPqkOYOUPo1dIs2AU0p5OPx3JZjom6UxTZlM1_sQrzEiU1phUtz6s8qE59QtrecZk_Keq9nougYFgON4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2xgkY2wtJNXXK1WyWe-SzTrqvKdQ%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gtm31qmgeard06krq87cknyrwzmm4hjtst03z0sk7nb1hf3ebnnhz77v291mcbsk3r5z7dpyr8jwnd8f7w86bypffrqgecawbvvemrnwhtedcdsk8t1we9m69xcvf041vv85qw1jqcf88cs8f32kfmjpd55s0fy6mtsrzfan6p7kd6fjp3c1ar602smerww8q1cf5mqe7vp8441v1q232yx3zdht4733dyj2csr10vph09ahdjw2xbdw3q4cvrw27cmd4sbw8z854mk86tty3by68vkadm6d97hss96rfggbn6g08348q7e5rw8v7mjy4szafhj9yn8txt077k3ebhzwfs0zgkgnmcdfjttvp2gf8w6epxvrpatgweqjaept7rr6zvp44sm7zsr6nsy2tetvrf72rmp4g3ew2saqawem10tn1bv7asz6w936c0d76gws5nn&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8NDHVoASZPHNA6zHx_APrJee-AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEgAJP0K-bFVbdti8XsUr0ZV5Yr66sXCp57Dtpc6TqSzxMVHTg1VLEHk0ETeXxmK4mnTOycMA1pLE3fnnPd-TroSxasfGhGrDgs8RXwt3xpd_vjD6qH4QhYyMKB6me7mxmpFLn9ToUmv2zwU70xn6Zx_4IL_m7BlRr5zOcngVhO3sMU5Gnui52Gg6t2_AQbZr0GNdul7WHuyE2_K52bmzaF1a9BsPEf0U2Ff2touLkkrA8x_WEsBZqJr_w2kGuaVyOwofbowzsKMPqkOYOUPo1dIs2AU0p5OPx3JZjom6UxTZlM1_sQrzEiU1phUtz6s8qE59QtrecZk_Keq9nougYFgON4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2xgkY2wtJNXXK1WyWe-SzTrqvKdQ%26client%3Dca-pub-4663753467999594%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1677666448
age
57691
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 10:28:06 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1677666486645030
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nr%2BfIpwptfZ%2BjcmmlHJJRLQDoMBgVtz1juOA3UxZz2fn6Sd2LARxyLbhsUMG3bcE%2BvjbqEsVc1j%2FFj%2FvYEL9THU%2FrVyhWbhYmVlohoWagX2awN61MFcnWNUXGQUBLcEtilbeexvA0uk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7a8999c0ddde9213-FRA
expires
Thu, 16 Mar 2023 03:35:03 GMT
r62eglto.js
ad4m.at/ Frame B5BF 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gtm31qmgeard06krq87cknyrwzmm4hjtst03z0sk7nb1hf3ebnnhz77v291mcbsk3r5z7dpyr8jwnd8f7w86bypffrqgecawbvvemrnwhtedcdsk8t1we9m69xcvf041vv85qw1jqcf88cs8f32kfmjpd55s0fy6mtsrzfan6p7kd6fjp3c1ar602smerww8q1cf5mqe7vp8441v1q232yx3zdht4733dyj2csr10vph09ahdjw2xbdw3q4cvrw27cmd4sbw8z854mk86tty3by68vkadm6d97hss96rfggbn6g08348q7e5rw8v7mjy4szafhj9yn8txt077k3ebhzwfs0zgkgnmcdfjttvp2gf8w6epxvrpatgweqjaept7rr6zvp44sm7zsr6nsy2tetvrf72rmp4g3ew2saqawem10tn1bv7asz6w936c0d76gws5nn&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8NDHVoASZPHNA6zHx_APrJee-AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEgAJP0K-bFVbdti8XsUr0ZV5Yr66sXCp57Dtpc6TqSzxMVHTg1VLEHk0ETeXxmK4mnTOycMA1pLE3fnnPd-TroSxasfGhGrDgs8RXwt3xpd_vjD6qH4QhYyMKB6me7mxmpFLn9ToUmv2zwU70xn6Zx_4IL_m7BlRr5zOcngVhO3sMU5Gnui52Gg6t2_AQbZr0GNdul7WHuyE2_K52bmzaF1a9BsPEf0U2Ff2touLkkrA8x_WEsBZqJr_w2kGuaVyOwofbowzsKMPqkOYOUPo1dIs2AU0p5OPx3JZjom6UxTZlM1_sQrzEiU1phUtz6s8qE59QtrecZk_Keq9nougYFgON4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2xgkY2wtJNXXK1WyWe-SzTrqvKdQ%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
132566
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mFvRTq7nCEPFgO4%2FuHsSauoKByKQHu7spFHyceLDSt3p%2BXLp6xD7wAOhQq1Qh2sBuBm4OF4NpKhZYdLZBxPlDrH0xerhEZdAMeGXKg7nC0eeSamh9we9pAcchieZhEBUWu8qDeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7a8999c0dddf9213-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 14 Mar 2023 13:45:37 GMT
adunitMapping
webservices.webspectator.com/ Frame 470F 		734 B
774 B 		Script
General
Check archive.org
Download Go to
Full URL
https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%22pos%22%3A%5B%224%22%5D%7D&w=970&h=250&wsRotSlot=&isda=1
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.192.67.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-67-210.compute-1.amazonaws.com
Software
WildFly/10 / Undertow/1
Resource Hash
b8a33e6d9efb16579b8911406f121339d265625aa2aa3d614edf090cf9be4548

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:03 GMT
Content-Encoding
gzip
Server
WildFly/10
X-Powered-By
Undertow/1
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
X-NoCache
true
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame A7D1 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hnncrvfjr7jjtn3yt47s9srzfa1m02dv73d8gs6n38epv8sh4y6a4asnjn4c87h363b55bbkvnxk7s6p68e7p0gyybj3xwk9ps6aheqk7xm3bn5hr8g77bj093j15mj9nxn3pjfds5fx3p351vy00rcrw5zv6neq3d77qrk26knhxqcvm3d6g4fpe664kfnnh4eqh5ctpqkpa7swazf2671jqv1xb8mncrwvg3p082vqn6yrwvezjevbb6f30v2cqybtpr%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jy1z1n2g71jdkm05axvscd31wzx33vbmt1hb5g2f17s232h860htthpjwjfb9v7msbt2qpvrjkjtgcvrx4r412qkcdm2n247vbs83pxt0p11j7mgtrjvaxr38bkacjn4g8sc21ahqzae1g0bxbzmtng5k78g30bd721r7yzkvdvnh3sht53w1812ab08f3p8rtgx49tayr11m62y8m9qnqqkmbpm2rk0pbtnmc5sh19erqw8gxcsm9nb9j4187jj44mp3shj2p1wcebrgxpkj2j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCIcIfVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSFAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4DZCvNRDVBBNl0ze5aqPSaoUEB0mckcXlJVuwKFcJOvL-fEPOVmT57nteAEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1-Or66cd7sSfL0C0ihoipdMfswLQ%252526client%25253Dca-pub-4663753467999594%252526adurl%25253D&clickref=oneidWPefrfdfVrKWfYH5HjtDCEP1qt3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fVbD3f7HrHAtEtMAbQaPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:26:36 GMT
content-encoding
gzip
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
last-modified
Wed, 08 Mar 2023 12:12:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
32908
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
n0Eu3GIrCa_TKgTdEN4XtLGS3YOsgJZNmadfDYlUVxut0YuwLQCKbw==
Logo120x90.jpg
cdn.track.production.webgains.team/294690/ Frame A7D1 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/294690/Logo120x90.jpg?Expires=1678934402&Signature=RNVbejZR-wLpV9kBFwoT28VaojcUEXSXPn10Eu0MrfeZcplMKWAPBB~EfLpv16eDWdIs5KNlYAAEIDKAmuZZGpOVOL3ZN8-RVgSVMu~~B-DRgOzfaN6nZ8caeDQApLM1QQWNC-V4tADP8WVTwslUYx7trxx8smJCfZ2T5aEKPhkk2CNrpuLJg9qlJjkxZeYf7qXZwfcMytpgMuzHNXmxncrPQEfOdNOEUb7afwzXtKtRCqBuuH1IbAfIh3Ub65Ct5SXwCEnIFC~yhksMEgQWmjJCW~ux3oswT0JNOdTHT~OYVEIZ7Gas1AoiCid7FcEYIupcYLZh0bF4R5uJx6DUGw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C196439%2C321735&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2C3qjcpf4fVbD3f7HrHAtEtMAbQaPSWTKKMsg2Y3&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2CWPefrfdfVrKWfYH5HjtDCEP1qt3SETVVmU9Q8W&c=120&d=600&e=&g=869f10d2fd16e15a18b2b3676b17bd38%2F15749568168597614057&i=26474%2C25174%2C110819&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934102297&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jy1z1n2g71jdkm05axvscd31wzx33vbmt1hb5g2f17s232h860htthpjwjfb9v7msbt2qpvrjkjtgcvrx4r412qkcdm2n247vbs83pxt0p11j7mgtrjvaxr38bkacjn4g8sc21ahqzae1g0bxbzmtng5k78g30bd721r7yzkvdvnh3sht53w1812ab08f3p8rtgx49tayr11m62y8m9qnqqkmbpm2rk0pbtnmc5sh19erqw8gxcsm9nb9j4187jj44mp3shj2p1wcebrgxpkj2j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIcIfVYASZLbjII2VgAfdx5iYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSFAk_QGQSz3xJT6XZ4DEnkwwisfGIhGSDp8Jl6OntfMt1X59Cerd7AVG0oaSmxr47qczQUoJn5e1AQiJIuRgvJYRyU-OaaUlm9Ae5C0vazt3UXYvVUvVyq74YmFOEigWHkDkSOyX-u85m94P4Otz_QOfqGujjmzZ8ynG9-W3ZlsXpXlYg2E7U7xGrRqAk6L2FKukezTrEUzS5bRt4OOiMByl2VWfsqT7Xe2LVZSHMArglChQHj_M2dDJBVA64T_9L_cF4Su6tFRK7kc-QTL1qhkVOd18PwIHLajW93m4DZCvNRDVBBNl0ze5aqPSaoUEB0mckcXlJVuwKFcJOvL-fEPOVmT57nteAEAYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-Or66cd7sSfL0C0ihoipdMfswLQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-94.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 15 Mar 2023 08:20:39 GMT
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
last-modified
Thu, 04 Aug 2022 13:56:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
65665
etag
"66da632e2658ba90a2b4863be372b9cf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-length
2298
x-amz-cf-id
FMulky0W1mlXtbH_LDs7CC2T_atdyu4FeufiixHHIlbU1l1mLDH7SA==
adview
securepubads.g.doubleclick.net/pagead/ Frame 7387 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Co2NPVoASZOnUK8Lj7gPklKugB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMBqgT9AU_QXHnjBdlqGlDUc9kBs-Y4gHWeWKh7fFdn5sqqbJ3bcFYlNXUNokN4EEeM3fwfErcBVzFXq7ujR7O7vOyvP7OGGg0-nLRi6_1UTL6wCJuYYUikIPL5a3dUhPTrACFTWWW78m4VXYyOoXJ7Z9dYzfrXkxwDzYIfInFVaJKwY3sRS2GWoWVk3hrq9azKf6V8Lj66Fty8LvoReiAneCS3r5GEWT3yP5kOS_-tqySh3X3wMHiMXJn2CoDzfvM8jBFex20M0qtbGBW7AKDevBAD9KWm15-G_2BE1evTlqb1NLzmgSB1QC3ABNFGb71eUMvOZTmjLQ0yaa40o_dLsM_gBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ2NjM3NTM0Njc5OTk1OTQYh7AO&sigh=K1_bXjEili0&uach_m=[UACH]&cid=CAQSPADUE5ymPd4Se6Lv-z5_vGxow-dQKI16YzfBK78TP9wrJcIlgw6m4uh7wnIygDjCubbxMqDSIwe2SMf53hgB
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 7387 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jgb7sy0enhc32berxbw3ezq8ccb7hzzwmg18cdfjvkvv0s1gpvt2ekdve8cynf66chpqvq6sz1s6yxvvvp34yj12bh5wjqye1h5aam6696vcm63mt0jxwa1mpv8gmkp0a9axjbrrak7rvk6vfb3z3y8afkcky5669bj9k3wy5rdw90wcsxakv6d3cgfn2b3b4hhkwe4jem7fdvvpqbqf9b0be96jmdyjc0qa6vyg9d9xfrxyf793c1abqwt9zv2qnk5mx103yda79ar1pmympqfrar437yxbvmc3atvmfnp1h3dkgde0cftsa4aayg1c60rdnfmk6ab1bj080ss1y57hfm28ztg233366hevd223jekgn3tvvcbce3ypbn3pbf117r6a6gnqt8&b=ZBKAVgAK6mkKe7HCAArKZACp9Hwj_eL4KiDpTg
Requested by
Host: istoe.com.br
URL: https://istoe.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Mar 2023 02:35:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 1A69 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hrz5pks30fkse0nmnstnpy7nf72zy9v4mqya02cfgz5fqq9s1tcctkb5ef46f86g1e0sb7a3ay0tb741jnccf7ns9wgxr5dx7cbx6x2s0jrk5jymrvshbx6h6h2e4g190sa29rh3p237jmcfbf30mmfwsms8fq9e8g09ymh06173pq0c4cnvcx89ey752b9cn1ebe0bnahv65asaph5qvy7kdfqegepj05cxqpn83pwvwptgxjvpb126kfqrdgztjb4ezkcwsdwv869erfxkg954y66j2b2yzj7kpgczprayak85vpwnww3w2vxztaqshmcsb8rstsxpw7cfmcqydx4ka2zfzb9vj3bkybzyp8fstzb3ekt5ccysh039kr0bj00y7hsfr9apjw3bcspj8ecbmetszeaawvmvjjbb2qhfmc5fc3b6n3xbf6j8h9z6z9jxf4v&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2rg2VoASZOnUK8Lj7gPklKugB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMBqgSAAk_QXHnjBdlqGlDUc9kBs-Y4gHWeWKh7fFdn5sqqbJ3bcFYlNXUNokN4EEeM3fwfErcBVzFXq7ujR7O7vOyvP7OGGg0-nLRi6_1UTL6wCJuYYUikIPL5a3dUhPTrACFTWWW78m4VXYyOoXJ7Z9dYzfrXkxwDzYIfInFVaJKwY3sRS2GWoWVk3hrq9azKf6V8Lj66Fty8LvoReiAneCS3r5GEWT3yP5kOS_-tqySh3X3wMHiMXJn2CoDzfvM8jBFex20M0qtbGBW7AKDevBAD9KWm15-G_2BEl-nyBHEMs_wuBmjjmmRS9uhSZRBUftMT5fvqv_Wmd4IsdivU8AeMVAbgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_29pSuQS7WbIJCBaoJJQ9HIiAJecw%26client%3Dca-pub-4663753467999594%26adurl%3D
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e781a3deda03367b8136f6ac04fb0d189629c209c0a22473ce5951e3effa31b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a8999c18e389213-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:35:03 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 7387 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 22:31:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
14633
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Mar 2023 22:31:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2A61 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51102
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Mar 2023 12:23:21 GMT
etag
48472445140208031
expires
Thu, 16 Mar 2023 12:23:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame 7387 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9161954861bb1fd7d5044d99f9ce04137b3836979ce8c5c75d224642f57c3f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 18:10:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
30271
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8559
x-xss-protection
0
server
cafe
etag
11326455550778179109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Mar 2023 18:10:32 GMT
l
www.google.com/ads/measurement/ Frame 7387 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTK3tAak4h5IMjee4aXd86cEoGOpoWy1HI43rIHpyj2Uo6RymDMHLGgFzpr134R-9MzsIz_dLVfWdb7_Nscq2BWEBDWvQ
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7387 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 10:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
575014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 08 Mar 2024 10:51:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7387 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Mar 2023 02:35:03 GMT
default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 098C 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h3wecdh5ma6q0qemv8cxymps4abb86ayd0pp8nqwyphdy4tcn64km4xt5a18mfgjwkvhqp7f68eqs6swrm8r2phzncc12x8trtv3fvk02rb5sx1asmmx09rg4e07t292mf5rwzst3da6eezg9qh8z948sk814zdz620p167fj440p8svaexk8zyh3nbsmaf4sqaxeq04hmqtbacsfhz3xtfctrc2yah3wwfrmt0qa0yqej803rtewvj1t8xwnh26ycrg8nbyj0t1vwe0m3855e2m5f7m6qzpfge0xcskwqn3dpp8vggtygh725x75rww94mtvgy81vp4d0wa34vdnk47rtzgzwwm6f9b2yem78ckccqnssc3gz34gm9a5my9fd4mbzwd7b0s7sbtzww7yywk9p3dshp69k6dvrzzb50x1wnmm6stwhghfszdzb9ne2qdawckc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_gMoVoASZJzNGcT5-gbZi6nIAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QFkOhtqSvsB_DXfvZWX3sQhDVRnodOaVg3Qfg3fPkBqFrUUnJvUvgC3FN9-uWr9ZA3TOpGczRZYAsPBz5lGMphZ7GiHBqJ_1q3RiUCGSqJp-hcglevgemtrDuqBfFcWEzHg-CSwyApLBgLSPm__EU2qGF8NtI8txJHYZ2PTGPsdKM-nOqDDnwoy4dQbpHJuWyfvHMpfrI44slqDTajyxY_qm3eWDAvKajiXJBy_gpM51EW5e7OGGag29ZXDBGeU-sr4q8NIR-uXXDCgZlqR5OgfVxpUO_YfyPN0OaldnykgyfMXkpDdIW8JqW-rQuOoQrdtdC3TtX1f0kDQp9YfARI9sS4AQBgAaS9aHpmoa-1xagBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0t_Xs6HrGda2NuAB76qiUuoHAZhQ%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1h3wecdh5ma6q0qemv8cxymps4abb86ayd0pp8nqwyphdy4tcn64km4xt5a18mfgjwkvhqp7f68eqs6swrm8r2phzncc12x8trtv3fvk02rb5sx1asmmx09rg4e07t292mf5rwzst3da6eezg9qh8z948sk814zdz620p167fj440p8svaexk8zyh3nbsmaf4sqaxeq04hmqtbacsfhz3xtfctrc2yah3wwfrmt0qa0yqej803rtewvj1t8xwnh26ycrg8nbyj0t1vwe0m3855e2m5f7m6qzpfge0xcskwqn3dpp8vggtygh725x75rww94mtvgy81vp4d0wa34vdnk47rtzgzwwm6f9b2yem78ckccqnssc3gz34gm9a5my9fd4mbzwd7b0s7sbtzww7yywk9p3dshp69k6dvrzzb50x1wnmm6stwhghfszdzb9ne2qdawckc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_gMoVoASZJzNGcT5-gbZi6nIAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QFkOhtqSvsB_DXfvZWX3sQhDVRnodOaVg3Qfg3fPkBqFrUUnJvUvgC3FN9-uWr9ZA3TOpGczRZYAsPBz5lGMphZ7GiHBqJ_1q3RiUCGSqJp-hcglevgemtrDuqBfFcWEzHg-CSwyApLBgLSPm__EU2qGF8NtI8txJHYZ2PTGPsdKM-nOqDDnwoy4dQbpHJuWyfvHMpfrI44slqDTajyxY_qm3eWDAvKajiXJBy_gpM51EW5e7OGGag29ZXDBGeU-sr4q8NIR-uXXDCgZlqR5OgfVxpUO_YfyPN0OaldnykgyfMXkpDdIW8JqW-rQuOoQrdtdC3TtX1f0kDQp9YfARI9sS4AQBgAaS9aHpmoa-1xagBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0t_Xs6HrGda2NuAB76qiUuoHAZhQ%26client%3Dca-pub-4663753467999594%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1677666448
age
57691
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 10:28:06 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1677666486645030
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7oKRBlDM5rIOiON5z16kNzS5MnuO6d3j7UeTtoYrcAAK7zIVoGcwh42dd9LJkHqulLWTZYZ%2FqbMPZDIVcwohf2922kCl0wqAUidiwAV2FoM0%2Fv9hNdVskLsWgHgo6ymgd4vAj%2BLC2%2Bg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7a8999c19e3d9213-FRA
expires
Thu, 16 Mar 2023 03:35:03 GMT
r62eglto.js
ad4m.at/ Frame 098C 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h3wecdh5ma6q0qemv8cxymps4abb86ayd0pp8nqwyphdy4tcn64km4xt5a18mfgjwkvhqp7f68eqs6swrm8r2phzncc12x8trtv3fvk02rb5sx1asmmx09rg4e07t292mf5rwzst3da6eezg9qh8z948sk814zdz620p167fj440p8svaexk8zyh3nbsmaf4sqaxeq04hmqtbacsfhz3xtfctrc2yah3wwfrmt0qa0yqej803rtewvj1t8xwnh26ycrg8nbyj0t1vwe0m3855e2m5f7m6qzpfge0xcskwqn3dpp8vggtygh725x75rww94mtvgy81vp4d0wa34vdnk47rtzgzwwm6f9b2yem78ckccqnssc3gz34gm9a5my9fd4mbzwd7b0s7sbtzww7yywk9p3dshp69k6dvrzzb50x1wnmm6stwhghfszdzb9ne2qdawckc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_gMoVoASZJzNGcT5-gbZi6nIAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QFkOhtqSvsB_DXfvZWX3sQhDVRnodOaVg3Qfg3fPkBqFrUUnJvUvgC3FN9-uWr9ZA3TOpGczRZYAsPBz5lGMphZ7GiHBqJ_1q3RiUCGSqJp-hcglevgemtrDuqBfFcWEzHg-CSwyApLBgLSPm__EU2qGF8NtI8txJHYZ2PTGPsdKM-nOqDDnwoy4dQbpHJuWyfvHMpfrI44slqDTajyxY_qm3eWDAvKajiXJBy_gpM51EW5e7OGGag29ZXDBGeU-sr4q8NIR-uXXDCgZlqR5OgfVxpUO_YfyPN0OaldnykgyfMXkpDdIW8JqW-rQuOoQrdtdC3TtX1f0kDQp9YfARI9sS4AQBgAaS9aHpmoa-1xagBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0t_Xs6HrGda2NuAB76qiUuoHAZhQ%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
132566
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJ43z8NgSQvK3Uea3eQoJ3bwiD5soew0O0QY%2Fgz2pi26NBujKmXWMnJqr3RDnWJ2vvfRsX0MJhTduCGn5JZM3RXvtjwyKWSG0DgXAtgndTeeZPdfryzHGvW82RHiBVZ3VbgPChM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7a8999c19e3e9213-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 14 Mar 2023 13:45:37 GMT
pixel
cm.g.doubleclick.net/ Frame DCBB
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEUxbFy4soK4lqZ-LRl_66I&google_cver=1&google_push=Aa02lx8YB5icXhGYzgihRiLkQJaBvZ8kzQbHYoFNUImArIOEWiUzGSQs2E...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx8YB5icXhGYzgihRiLkQJaBvZ8kzQbHYoFNUImArIOEWiUzGSQs2EMvT5uIp7-uNtxlnXMSCMrBKaEJHHrSexS_Ev0qYiXL_Rg&google_hm=RRHcez6TA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx8YB5icXhGYzgihRiLkQJaBvZ8kzQbHYoFNUImArIOEWiUzGSQs2EMvT5uIp7-uNtxlnXMSCMrBKaEJHHrSexS_Ev0qYiXL_Rg&google_hm=RRHcez6TAyIA49RpZJ4gmQ
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx8YB5icXhGYzgihRiLkQJaBvZ8kzQbHYoFNUImArIOEWiUzGSQs2EMvT5uIp7-uNtxlnXMSCMrBKaEJHHrSexS_Ev0qYiXL_Rg&google_hm=RRHcez6TAyIA49RpZJ4gmQ
pragma
no-cache
date
Thu, 16 Mar 2023 02:35:03 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame DCBB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFZHdOds9G4hVrVNMNbju70&google_cver=1&google_push=Aa02lx_UZkg61_FcegTP4OdSOmQMiqIzGcKLCfY8YOpr4Ho4rj21sZQ6i3THK3cZWxCQrjhhZ56IRqXg1HiSCl5xNniuRvuUWNzIC1U
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 16 Mar 2023 02:35:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame DCBB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJzgAIR_hINzXxip4X4uho4&google_cver=1&google_push=Aa02lx__CcWlNVJJwMEdL_5ieiAZTMUDUtDByYis7qy3LMPAefHiWwPd6G4aOjrs6gcssgIALvl0VD-XUXiLc8NW7RgYoZT...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx__CcWlNVJJwMEdL_5ieiAZTMUDUtDByYis7qy3LMPAefHiWwPd6G4aOjrs6gcssgIALvl0VD-XUXiLc8NW7RgYoZTTZOCt5x0&google_hm=eS0wQ2k4WUhCRTJwR19...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx__CcWlNVJJwMEdL_5ieiAZTMUDUtDByYis7qy3LMPAefHiWwPd6G4aOjrs6gcssgIALvl0VD-XUXiLc8NW7RgYoZTTZOCt5x0&google_hm=eS0wQ2k4WUhCRTJwR19Xc29WbnBHT2NyQVBMbmpsV3ZYNn5B
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 16 Mar 2023 02:35:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx__CcWlNVJJwMEdL_5ieiAZTMUDUtDByYis7qy3LMPAefHiWwPd6G4aOjrs6gcssgIALvl0VD-XUXiLc8NW7RgYoZTTZOCt5x0&google_hm=eS0wQ2k4WUhCRTJwR19Xc29WbnBHT2NyQVBMbmpsV3ZYNn5B
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame DCBB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K1p6e3K07HssdcssM45BnMQ69qITRMRb2FXKiA6n1QTQ
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 1A69 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hrz5pks30fkse0nmnstnpy7nf72zy9v4mqya02cfgz5fqq9s1tcctkb5ef46f86g1e0sb7a3ay0tb741jnccf7ns9wgxr5dx7cbx6x2s0jrk5jymrvshbx6h6h2e4g190sa29rh3p237jmcfbf30mmfwsms8fq9e8g09ymh06173pq0c4cnvcx89ey752b9cn1ebe0bnahv65asaph5qvy7kdfqegepj05cxqpn83pwvwptgxjvpb126kfqrdgztjb4ezkcwsdwv869erfxkg954y66j2b2yzj7kpgczprayak85vpwnww3w2vxztaqshmcsb8rstsxpw7cfmcqydx4ka2zfzb9vj3bkybzyp8fstzb3ekt5ccysh039kr0bj00y7hsfr9apjw3bcspj8ecbmetszeaawvmvjjbb2qhfmc5fc3b6n3xbf6j8h9z6z9jxf4v&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2rg2VoASZOnUK8Lj7gPklKugB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMBqgSAAk_QXHnjBdlqGlDUc9kBs-Y4gHWeWKh7fFdn5sqqbJ3bcFYlNXUNokN4EEeM3fwfErcBVzFXq7ujR7O7vOyvP7OGGg0-nLRi6_1UTL6wCJuYYUikIPL5a3dUhPTrACFTWWW78m4VXYyOoXJ7Z9dYzfrXkxwDzYIfInFVaJKwY3sRS2GWoWVk3hrq9azKf6V8Lj66Fty8LvoReiAneCS3r5GEWT3yP5kOS_-tqySh3X3wMHiMXJn2CoDzfvM8jBFex20M0qtbGBW7AKDevBAD9KWm15-G_2BEl-nyBHEMs_wuBmjjmmRS9uhSZRBUftMT5fvqv_Wmd4IsdivU8AeMVAbgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_29pSuQS7WbIJCBaoJJQ9HIiAJecw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hrz5pks30fkse0nmnstnpy7nf72zy9v4mqya02cfgz5fqq9s1tcctkb5ef46f86g1e0sb7a3ay0tb741jnccf7ns9wgxr5dx7cbx6x2s0jrk5jymrvshbx6h6h2e4g190sa29rh3p237jmcfbf30mmfwsms8fq9e8g09ymh06173pq0c4cnvcx89ey752b9cn1ebe0bnahv65asaph5qvy7kdfqegepj05cxqpn83pwvwptgxjvpb126kfqrdgztjb4ezkcwsdwv869erfxkg954y66j2b2yzj7kpgczprayak85vpwnww3w2vxztaqshmcsb8rstsxpw7cfmcqydx4ka2zfzb9vj3bkybzyp8fstzb3ekt5ccysh039kr0bj00y7hsfr9apjw3bcspj8ecbmetszeaawvmvjjbb2qhfmc5fc3b6n3xbf6j8h9z6z9jxf4v&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2rg2VoASZOnUK8Lj7gPklKugB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMBqgSAAk_QXHnjBdlqGlDUc9kBs-Y4gHWeWKh7fFdn5sqqbJ3bcFYlNXUNokN4EEeM3fwfErcBVzFXq7ujR7O7vOyvP7OGGg0-nLRi6_1UTL6wCJuYYUikIPL5a3dUhPTrACFTWWW78m4VXYyOoXJ7Z9dYzfrXkxwDzYIfInFVaJKwY3sRS2GWoWVk3hrq9azKf6V8Lj66Fty8LvoReiAneCS3r5GEWT3yP5kOS_-tqySh3X3wMHiMXJn2CoDzfvM8jBFex20M0qtbGBW7AKDevBAD9KWm15-G_2BEl-nyBHEMs_wuBmjjmmRS9uhSZRBUftMT5fvqv_Wmd4IsdivU8AeMVAbgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_29pSuQS7WbIJCBaoJJQ9HIiAJecw%26client%3Dca-pub-4663753467999594%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1677666448
age
57691
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 10:28:06 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1677666486645030
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IuDYAcA5N3%2FwoMiFXSHWiXWhprFj25dig5%2BqrCoQl6kwjoVoGU83doVURaZH2DaMZabjb7NWPXxGrYeEasTTv9sg2onXgrBdjJqMwOleP25nW9U2oB7NdASrRu0s4pDR6xjNyKNkLic%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7a8999c23e8a9213-FRA
expires
Thu, 16 Mar 2023 03:35:03 GMT
r62eglto.js
ad4m.at/ Frame 1A69 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hrz5pks30fkse0nmnstnpy7nf72zy9v4mqya02cfgz5fqq9s1tcctkb5ef46f86g1e0sb7a3ay0tb741jnccf7ns9wgxr5dx7cbx6x2s0jrk5jymrvshbx6h6h2e4g190sa29rh3p237jmcfbf30mmfwsms8fq9e8g09ymh06173pq0c4cnvcx89ey752b9cn1ebe0bnahv65asaph5qvy7kdfqegepj05cxqpn83pwvwptgxjvpb126kfqrdgztjb4ezkcwsdwv869erfxkg954y66j2b2yzj7kpgczprayak85vpwnww3w2vxztaqshmcsb8rstsxpw7cfmcqydx4ka2zfzb9vj3bkybzyp8fstzb3ekt5ccysh039kr0bj00y7hsfr9apjw3bcspj8ecbmetszeaawvmvjjbb2qhfmc5fc3b6n3xbf6j8h9z6z9jxf4v&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2rg2VoASZOnUK8Lj7gPklKugB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMBqgSAAk_QXHnjBdlqGlDUc9kBs-Y4gHWeWKh7fFdn5sqqbJ3bcFYlNXUNokN4EEeM3fwfErcBVzFXq7ujR7O7vOyvP7OGGg0-nLRi6_1UTL6wCJuYYUikIPL5a3dUhPTrACFTWWW78m4VXYyOoXJ7Z9dYzfrXkxwDzYIfInFVaJKwY3sRS2GWoWVk3hrq9azKf6V8Lj66Fty8LvoReiAneCS3r5GEWT3yP5kOS_-tqySh3X3wMHiMXJn2CoDzfvM8jBFex20M0qtbGBW7AKDevBAD9KWm15-G_2BEl-nyBHEMs_wuBmjjmmRS9uhSZRBUftMT5fvqv_Wmd4IsdivU8AeMVAbgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_29pSuQS7WbIJCBaoJJQ9HIiAJecw%26client%3Dca-pub-4663753467999594%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
132566
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNJOMCMMm5yW96wrL%2BvMTggnyeH0%2FjUvvOhtJ8U%2BwdKQo1%2BU9NY1bvYRDw1wlqYXVM5CTSjMb4IJsYWvnogdslRHF1XvXKqG82Z7mv7HPFv2kE%2BOrgVfktdTZRCknQImhRbWj8k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7a8999c23e8b9213-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 14 Mar 2023 13:45:37 GMT
adunitMapping
webservices.webspectator.com/ Frame F491 		726 B
770 B 		Script
General
Check archive.org
Download Go to
Full URL
https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%7D&w=728&h=90&wsRotSlot=&isda=1
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.192.67.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-67-210.compute-1.amazonaws.com
Software
WildFly/10 / Undertow/1
Resource Hash
f68f087d59e516b8ef9af7b4c43bda59cf7d34c4ca1e834efad0307fa345e5b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:03 GMT
Content-Encoding
gzip
Server
WildFly/10
X-Powered-By
Undertow/1
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
X-NoCache
true
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 24B3 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEUxbFy4soK4lqZ-LRl_66I&google_cver=1&google_push=Aa02lx_gLMaUVwloEOm5aZRJxK6J_NVOvcWAxEMUa_kFecIeJO7B55TVrh0cvn4z5kwYekhk3nCs1TxLCFFdpq3mB_AnOBWp3aWrrWU
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 16 Mar 2023 02:35:03 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 24B3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFZHdOds9G4hVrVNMNbju70&google_cver=1&google_push=Aa02lx8-dlfVA2S9tHj5IVvftKZJHRuR14_WBh_a3eNnxzB-_jorHgs8i-5O-YtlPT_U7Res7grlwddE7h7Hmkf3xciNaZOh-GxPJG4
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 16 Mar 2023 02:35:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 24B3
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJzgAIR_hINzXxip4X4uho4&google_cver=1&google_push=Aa02lx_LDznFGjsiGNG6gNY5sHGoTyg1TGJkeGCspbz4f5s4CyXUCllPsy_nr8ec1QjSqfdek74SyexzBLuie1SJoUaRcc5...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_LDznFGjsiGNG6gNY5sHGoTyg1TGJkeGCspbz4f5s4CyXUCllPsy_nr8ec1QjSqfdek74SyexzBLuie1SJoUaRcc53V66uK7s&google_hm=eS0wQ2k4WUhCRTJwR19...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_LDznFGjsiGNG6gNY5sHGoTyg1TGJkeGCspbz4f5s4CyXUCllPsy_nr8ec1QjSqfdek74SyexzBLuie1SJoUaRcc53V66uK7s&google_hm=eS0wQ2k4WUhCRTJwR19Xc29WbnBHT2NyQVBMbmpsV3ZYNn5B
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 16 Mar 2023 02:35:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_LDznFGjsiGNG6gNY5sHGoTyg1TGJkeGCspbz4f5s4CyXUCllPsy_nr8ec1QjSqfdek74SyexzBLuie1SJoUaRcc53V66uK7s&google_hm=eS0wQ2k4WUhCRTJwR19Xc29WbnBHT2NyQVBMbmpsV3ZYNn5B
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 24B3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IR1m-p4ikKWBSRbFlAGmDyX73tNCFNdXoQtKeBwb6zFw
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
relytopics.html
resources-rt.idx.lat/ Frame 639F 		1 KB
850 B 		Document
General
Check archive.org
Download Go to
Full URL
https://resources-rt.idx.lat/relytopics.html?siteUrl=https://istoe.com.br
Requested by
Host: resources-rt.idx.lat
URL: https://resources-rt.idx.lat/T2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4acb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f813e0face82cbe92c8a92ec562d1f6551f34bb20eae1aedbed177b45d2700ca

Request headers

Referer
https://istoe.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1247
cache-control
max-age=86400
cf-cache-status
HIT
cf-ray
7a8999c27b4abbda-FRA
content-encoding
gzip
content-type
text/html
date
Thu, 16 Mar 2023 02:35:03 GMT
last-modified
Fri, 24 Feb 2023 15:55:48 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-id
hbSvgU2zFNvQrXYHATV7l-pRtvh_HYqVZAEzgJSzm1Z0cnkXsp4_iA==
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10076/denakop.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3ec1618d3e929668626e7cc9f6c958f654c4dccfe32bd1f517833cc000feeab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27421
x-xss-protection
0
server
sffe
etag
"1512 / 237 of 1000 / last-modified: 1678929173"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Mar 2023 02:35:03 GMT
prebid.js
tags.denakop.com/ 		275 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.denakop.com/prebid.js
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10076/denakop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:160e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7e42ab12a1f9f4fae98ca66922274bd751c9793ad0afe0361dad4a1026e5dc70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 02 Feb 2023 13:45:25 GMT
server
cloudflare
age
1403
cf-polished
origSize=282535
etag
W/"63dbbe75-44fa7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
7a8999c29b179052-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
istoe.com.br.js
tags.denakop.com/10076/ 		214 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.denakop.com/10076/istoe.com.br.js
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10076/denakop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:160e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
6b4088267ae7d06f74cc5aa358d34e827f98555a0bba794f28d5dd1c11ae5ad7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 15 Mar 2023 15:07:19 GMT
server
cloudflare
age
3403
etag
W/"6411df27-3566e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
7a8999c29b189052-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
apstag.js
c.amazon-adsystem.com/aax2/ 		222 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10076/denakop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e2d56cece389641b16dea99088a149ade31ad4dd2a3864f501c729dac4543e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:34:34 GMT
content-encoding
gzip
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront), 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 20:24:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
30
x-amz-server-side-encryption
AES256
etag
W/"a7e0149ce78dcfe46a1b0656ebdcc903"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
EB20l1-M-qYs-yDnEhS7X6LOJb1aRcht-S1Fq9XbNjWDkzovia1mpg==
ws-ad.js
wfpscripts.webspectator.com/ Frame 470F 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%22pos%22%3A%5B%224%22%5D%7D&w=970&h=250&wsRotSlot=&isda=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
dpixel
cms.quantserve.com/ Frame 2A61 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEUxbFy4soK4lqZ-LRl_66I&google_cver=1&google_push=Aa02lx_m1xW6-oCAFbzEDR2i8XtC8Xq9cAAh73Ah66HfYoaMT3h8B2n67RpQx7JboVpe3DE3ZcJPvR3_03bcTt78UcmJDwwgkch0l1zi
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 16 Mar 2023 02:35:03 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 2A61 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFZHdOds9G4hVrVNMNbju70&google_cver=1&google_push=Aa02lx-k2eCxTt15WM-aJa-mckIBPTSpoTF__kyQWC9ifZ1UJoq-jCcgGIq5QXxm8DV9k_NxL_DYYbvvGZrrkpWnCUSoro6PnN3j4Fg
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 16 Mar 2023 02:35:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 2A61
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJzgAIR_hINzXxip4X4uho4&google_cver=1&google_push=Aa02lx9lRVbCtcMkafb7UrCQak30inzoTputGLQpQUtrwwyQM-u-8MXnmprO0cOqIbVvRzbDtPTonrCeIJGt3QSg8YNsH9O...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9lRVbCtcMkafb7UrCQak30inzoTputGLQpQUtrwwyQM-u-8MXnmprO0cOqIbVvRzbDtPTonrCeIJGt3QSg8YNsH9OlyWGGK9s&google_hm=eS0wQ2k4WUhCRTJwR19...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9lRVbCtcMkafb7UrCQak30inzoTputGLQpQUtrwwyQM-u-8MXnmprO0cOqIbVvRzbDtPTonrCeIJGt3QSg8YNsH9OlyWGGK9s&google_hm=eS0wQ2k4WUhCRTJwR19Xc29WbnBHT2NyQVBMbmpsV3ZYNn5B
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 16 Mar 2023 02:35:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9lRVbCtcMkafb7UrCQak30inzoTputGLQpQUtrwwyQM-u-8MXnmprO0cOqIbVvRzbDtPTonrCeIJGt3QSg8YNsH9OlyWGGK9s&google_hm=eS0wQ2k4WUhCRTJwR19Xc29WbnBHT2NyQVBMbmpsV3ZYNn5B
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 2A61 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KDKO4LuQ-G-dKSnlsHsISuTkLVWfpP0rE-OCW8ldzSRg
Requested by
Host: 3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 7207 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c155a4d20eeb8f36e9772923363493852b846d2138a814ac6a5394fb09ba1b0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
frame.html
ad4m.at/ Frame 4A83 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
293468
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7a8999c31efc9213-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 16 Mar 2023 02:35:03 GMT
expires
Mon, 27 Feb 2023 21:37:06 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jl1%2BaxH%2BCPC1r2wc%2FYjOxxqYjzQDaaLeIsxfPifFHbEwEn6DtjJsoXP6zEchGz7yGdZiHE%2FBu8qsubNyWUSLtKheBLZAlYwqnhZunRYQxaGwZByNkI%2BizxEA7oxPcXhHugkDRjQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 098C 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2742
x-guploader-uploadid
ADPycds1SLdGXbfm0r3qDGy8sfwZXQfpj1kJA4sERetf1LIRiVzV7g41c7a-EwZMzWmu5dxBmhh2VgdQIymIU8Old3wWOUTyb-2i
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uT6boxkFyATi%2BgKqzj5ybDK0elNa8GTI3TJVca%2FM70rI3iY5dTjJOYCH3VQ3MCJXDPU4rvB9EJPUKCelrhLJsRgQ3jTQQENM%2F5dEU61nn4gAc4WAT0D2vGVQjqO8sPcqukZhGSde4Eyh6f4Z8O38ujx7"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7a8999c31d2f2c4f-FRA
expires
Thu, 16 Mar 2023 02:18:59 GMT
frame.html
ad4m.at/ Frame EA69 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
293468
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7a8999c34f129213-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 16 Mar 2023 02:35:03 GMT
expires
Mon, 27 Feb 2023 21:37:06 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxE7jSKkEDvt3uey7%2BV44pjbIuZxiQm7pQGBrMpBaR66ABZTbSKwOPJsHCJ792m7ZuIXjkKA%2BCufeU5ALr69Ns4HWHukQL99pigOYOqbSu8sJ5nudZcu9YfQuM%2BLazVT22GOMpI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
truncated
/ Frame 7387 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2fda8e31661220ed47964003f8283abbc0ffaa73ced84863b87aa6019065929

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1A69 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2742
x-guploader-uploadid
ADPycds1SLdGXbfm0r3qDGy8sfwZXQfpj1kJA4sERetf1LIRiVzV7g41c7a-EwZMzWmu5dxBmhh2VgdQIymIU8Old3wWOUTyb-2i
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=myqdkYRcj9L8TLYenmFtzkYG2Hmfw5GgHxET4IvMjpQsQMJi7nEi%2F3bMrUF0GHzTbnyQHOV0mkNv8djIPHLTf1amqgA951HBZ1j%2BF99sjwcSITzw%2Bo5PJE5Y4uVf24h11Iv3pEJQ2iJP7D7Qbq6Mq6xI"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7a8999c37d682c4f-FRA
expires
Thu, 16 Mar 2023 02:18:59 GMT
ws-ad.js
wfpscripts.webspectator.com/ Frame F491 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2739&eaup=/22452847/Istoe_Home&eolid=null&eci=null&ct=%7B%7D&w=728&h=90&wsRotSlot=&isda=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
942 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1678934103611&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1507&pt=-1799574963&tz=0&viewable=true&ddast=V7VG8CFgPW4ebAeYgwoQTW4ebAeYgwoQUAAAAGBvQHJGbxWCyuicUt8syWa9HMZlxLHJORWzlZ7WaWxcgw8q2MQGIWj8XimljcIs9suRbNbMa1xDEZuZWT1W5mWYwMI9_KChzGcpkMaoGEZfb7DkK-22UQFV1vi93hNHveUIGm0-Fz3euVntPfZdf43XaJ5S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4Dsrw8J5fdHwAAAAAgAAAAACQAA_a1JQAVa3Un__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0Mr5SafGw-4bkQFwkWMAAAAAHKrNxuPJnVCZVH1___fbwVwBQAQYIhexGORpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEmHri0oK64EjVfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwOQZar1WAymcwOAAAA4O7___9fD0R2G49xsVoMRibHZDIaroYTx2hk3MxMjsXI5Nxs71g3-J-zVQSlz0NYZr_vIOS7XQZR0fW22B1Os-cgPmgYlpNBML8JW4xWk8lmOZwtF5PBcDQcjfY3EIvFACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcY22s1sk9Fa5LLY3KLFaLiWOHybtWbkWEwmy-XGNFisRa-P6WLYGFYjwxYFA0T2InlapBORy2OabVbGmXE3mCw8ruVk5ZyYHMvdcuFZLlyOiViiOVmkE9llX9ltPMbFajEYmRyTyWi4Gk4co5FxMzM5FiOTc7Pv2Ea7mW0yWotcFptbtBgN1xKHb7PWjByLyWS53JgGi7Xo9TFdDBvDamTYN2a74XIzGixn-8ZsN1xuRoPlbN9hMj1Tn7NReNxqPD7FM3aTWW8Og8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-LbRW7Z3DZpL17G5IDYYFLFEcJFOVCan6W95eNZKz-lvEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_ceHGK7mksVmrlit5orRYpUAAAAAAAAAAJYwZ94EAAAA4DSQ1XI3W63zIEaDzW62Wi5AhJSp7s-xXMhZxi70LqMW-vwET0dQcePHDWVymv6Wh2et9Jz-VgaIkCpl3vyZINZqtawBAAAEsAEAAAK4dfMWmDrF_____8cBAADIyNEDAADQ7wNdwY9eK_TE8RfEYDTbDQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=8&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=1403765&dpubid=259765&abtst=nonrv_vA!prp_vC!prp_vC!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fistoe.com.br&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
439eecbc5ee271e848b2b07d57dc67b391c9f8740f8ca25cf03c7471a2ccdce1

Request headers

Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:03 GMT
content-encoding
gzip
server
nginx
machineid
1461
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://istoe.com.br
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
frame.html
ad4m.at/ Frame FDFF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
293468
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7a8999c3bf519213-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 16 Mar 2023 02:35:03 GMT
expires
Mon, 27 Feb 2023 21:37:06 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUkPOrGhJfUcZb3JJyvMH6LbrP2k0XsKkQpsBvSsZFLBigi7WpUfTraFDQ%2FUuUNjV7DqwX1olJMl%2Fmfmoei%2F%2FnmHzjZC6dkG6t2qrSDPSct9zEWxUC8RlkQaZ3M1Mrla9DKnziU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
config
c.amazon-adsystem.com/cdn/prod/ 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fistoe.com.br&pubid=2bb0a508-595f-49a8-87af-9e3915fc9884
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 23:32:07 GMT
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
10976
x-cache
Hit from cloudfront
access-control-allow-origin
https://istoe.com.br
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
4boYlLN9-j1VXIMT6ZJFaxxEx77de4X7G4p9Z4i70dG1GOGve9ku_Q==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
XEGmc9MeWOPeqjC.bMBvPzs7I4WH7xPz
content-encoding
gzip
via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
date
Thu, 16 Mar 2023 02:13:56 GMT
x-amz-cf-pop
FRA2-C1
age
4548
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 03 Mar 2023 23:20:46 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
A1tg3svmJAGz4Tbb6EoUdvb9XN40WgHnyHAyqVBsUENwEqcB6Pb1Mw==
api.gif
tags.denakop.com/ 		0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10076&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=p&p=https%3A%2F%2Fistoe.com.br%2F&t=1678934103663&cb=0.6238447626603179
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:03 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
7a8999c3e8f5912a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 72B7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?v=3&s=pagead&action=load3pas&it=fb.635,e2e.1808,fs.598,reqs.599,ress.635,rese.636&srt=38&e=&id=csi_pagead&gqid=&qqid=CPHQhPa03_0CFazjEQgdrIsHHw&rt=lb.986,ol.1173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame 6DA3 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.33.70 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.33.70 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Thu, 16 Mar 2023 02:35:03 GMT
server
nginx
rs
ad4m.at/ Frame B5BF 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc595a01fcb32a59f727cea14c299998e7dbff8fc27d5b590b048cd5211aff41

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWdskb01UZRtPvncUBiXTA0catz6fbURFQbODcJW7zOyyw%2F3ii51bn2t9Ty%2FOLlQGQQquou6%2Bhq4qjDCMQ7z0F9PPRMLOnGuGvo1L1HkvfCZmqOm76Kk9HNWnDmcUOV4t4G%2BjrA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7a8999c4e80d9295-FRA
x-backend-server
aa-reachservice-group-europe-west1-8tkt
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a8999c4afed9295-FRA
content-length
24
content-type
text/plain
date
Thu, 16 Mar 2023 02:35:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NcnAVMjWVVFQ1PQSMH%2BTZu79koeOkNRPCNDABc9%2BzVOqnXTBsF%2BD%2BZjrK%2F7bFfw1flo4Q4y8wk3y9KIfbyDoG02Gb5Wo7G%2F2sB%2BfU6RHRiie36OBTYvo7mBU3VsulNz%2BgXTA%2BGM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-8tkt
rs
ad4m.at/ Frame 098C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e0b1c39c8a80b6444c8e453a9b61b1c9d8abfacf35264ca442b5c0f614682ca

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktOOu%2FRliuMwPV2Aztii6UdiJbbQ4LfJRv3M9Bzo7Wp6l%2F3A6FIlcRwNlQCEui0JN1RDSFNnINg0Sd77bZVb0J2003LfeGP6KxNHmYMTlgTG2%2FcUfEdLmwzSXLtfeb%2FU9Ok7v6g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7a8999c4d80a9295-FRA
x-backend-server
aa-reachservice-group-europe-west1-8tkt
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a8999c4afef9295-FRA
content-length
24
content-type
text/plain
date
Thu, 16 Mar 2023 02:35:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9LfTzH8kas8MlWx%2BW2MlUgJHwogSIJIHfULCJjvsjcB%2BMJiRgHi1SEKAY9ghZfDqDN0AH7rlVdyi6T5z5rVvpTlDsnvgXioBc35x5w5dfw8fcj8z44Z53eZBP2r1s3vt%2Bj29%2BI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-8tkt
rs
ad4m.at/ Frame 1A69 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a371ac14501ffac6be8d3d91412836f48b19ba6ea5fb246df8f516abf1c8545

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E43J7Nb4N89hncId2Q8Aw3i3SaR34Dp1yjy11Fj2V2jjS4FE4lMSVUFv4f%2B8aL%2ByePdJh7NKABLtyHdhPUa2ovJTT2C7VeqfrMqdwxxWbdWD00UF9T3LkjIyndmn5c6gTni3J40%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7a8999c4e8159295-FRA
x-backend-server
aa-reachservice-group-europe-west1-8tkt
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a8999c4bffb9295-FRA
content-length
24
content-type
text/plain
date
Thu, 16 Mar 2023 02:35:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kO3XTaTfC2J%2BB0xpVNxqmmn6S01qiG7LlwmciOMp0GSyEZ0LHk4g4JfZqH39vW0YulQ7u2L%2FiWMFT4MfoMnBP9Z9ny1ZYr0zbzlkoiNVcAGQs4372TCAZuTV1zsPeIJ8b62Eq6Q%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-8tkt
tracking-event
api.webgains.io/ Frame 31EB 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.33.70 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.33.70 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Thu, 16 Mar 2023 02:35:03 GMT
server
nginx
rar
as.ad4m.at/ad/ Frame B3D0 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=19769%2C325408%2C29002&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CD13t3fwf26AYC3HmH9t1tkKwQsxSmTYYQSZMQg%2CxmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2Cdk8aEfkf5W2qcEHjHwtqC5wK3CeS4T55PfgVPW%2CY4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe&c=800&d=250&e=&g=307dd0c0ec66c5a5a55caa41fad61896%2F723741124875372859&i=21630%2C84417%2C25052&j=16%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103834&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gwv99q3pzw60219sxy42b2tx60j6sanmd34z7r6a4epeakyjcfq877qcew5gypt1tz4acmt3fhj78drtjt7pcmvhhcz6qkzhge7pw2505z0tfw4scy9ae7nad6pk346kvmzghdxj08car0q6s0e83qpyr9zec84cbrkmgzvatpabxkrk6eyz53986ah309npd08531ea3jwwk8tthz0y2dq7heb8pxmw2ky2x3nhyxrew2pdhh8z4k184kfd11q1td19vahy42pe3306cznwa0d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_gMoVoASZJzNGcT5-gbZi6nIAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QFkOhtqSvsB_DXfvZWX3sQhDVRnodOaVg3Qfg3fPkBqFrUUnJvUvgC3FN9-uWr9ZA3TOpGczRZYAsPBz5lGMphZ7GiHBqJ_1q3RiUCGSqJp-hcglevgemtrDuqBfFcWEzHg-CSwyApLBgLSPm__EU2qGF8NtI8txJHYZ2PTGPsdKM-nOqDDnwoy4dQbpHJuWyfvHMpfrI44slqDTajyxY_qm3eWDAvKajiXJBy_gpM51EW5e7OGGag29ZXDBGeU-sr4q8NIR-uXXDCgZlqR5OgfVxpUO_YfyPN0OaldnykgyfMXkpDdIW8JqW-rQuOoQrdtdC3TtX1f0kDQp9YfARI9sS4AQBgAaS9aHpmoa-1xagBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0t_Xs6HrGda2NuAB76qiUuoHAZhQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159b24f26e27f72c02e2b510a8f9f5d7127f018ada04b763349bb1cdf84721b2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1h3wecdh5ma6q0qemv8cxymps4abb86ayd0pp8nqwyphdy4tcn64km4xt5a18mfgjwkvhqp7f68eqs6swrm8r2phzncc12x8trtv3fvk02rb5sx1asmmx09rg4e07t292mf5rwzst3da6eezg9qh8z948sk814zdz620p167fj440p8svaexk8zyh3nbsmaf4sqaxeq04hmqtbacsfhz3xtfctrc2yah3wwfrmt0qa0yqej803rtewvj1t8xwnh26ycrg8nbyj0t1vwe0m3855e2m5f7m6qzpfge0xcskwqn3dpp8vggtygh725x75rww94mtvgy81vp4d0wa34vdnk47rtzgzwwm6f9b2yem78ckccqnssc3gz34gm9a5my9fd4mbzwd7b0s7sbtzww7yywk9p3dshp69k6dvrzzb50x1wnmm6stwhghfszdzb9ne2qdawckc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_gMoVoASZJzNGcT5-gbZi6nIAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QFkOhtqSvsB_DXfvZWX3sQhDVRnodOaVg3Qfg3fPkBqFrUUnJvUvgC3FN9-uWr9ZA3TOpGczRZYAsPBz5lGMphZ7GiHBqJ_1q3RiUCGSqJp-hcglevgemtrDuqBfFcWEzHg-CSwyApLBgLSPm__EU2qGF8NtI8txJHYZ2PTGPsdKM-nOqDDnwoy4dQbpHJuWyfvHMpfrI44slqDTajyxY_qm3eWDAvKajiXJBy_gpM51EW5e7OGGag29ZXDBGeU-sr4q8NIR-uXXDCgZlqR5OgfVxpUO_YfyPN0OaldnykgyfMXkpDdIW8JqW-rQuOoQrdtdC3TtX1f0kDQp9YfARI9sS4AQBgAaS9aHpmoa-1xagBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0t_Xs6HrGda2NuAB76qiUuoHAZhQ%26client%3Dca-pub-4663753467999594%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a8999c51ffc9213-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:35:03 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 1213 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=63352%2C64769%2C117569&b=PGBuBfbfKY6mt9HjHbtMtY9qCJS9TDDAU6R3D%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=bk8aQfZfKqZRtYHbHzt8CqGxubSJTMMZHKqQP%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=fbdd7d044dd5f0856f103cfefc557fa0%2F969736781405137192&i=28908%2C27835%2C29981&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103836&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcw6wt12gjdeks4b4gnrapx75hyk3v2d86vdy5tvbgdpvh60v2asea1x2nb82337jt5vn768hhhj22eat1mg2768g4b470284a4hqq0hc0x1vdazce949zwwbczsw9r2hkaa1k6xwyfra77ht8w6vv9vt6fyngwjnrpts6pkp3b4g3c3y8h78sym3wvcm4gkn5g0r1rkkzn64xpxyj2rbcga6kycz9d05w58zk7pmcyfdzd9n7p8am028rbaky6mypzw90gapcqe3zvaa71mdyx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8NDHVoASZPHNA6zHx_APrJee-AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEgAJP0K-bFVbdti8XsUr0ZV5Yr66sXCp57Dtpc6TqSzxMVHTg1VLEHk0ETeXxmK4mnTOycMA1pLE3fnnPd-TroSxasfGhGrDgs8RXwt3xpd_vjD6qH4QhYyMKB6me7mxmpFLn9ToUmv2zwU70xn6Zx_4IL_m7BlRr5zOcngVhO3sMU5Gnui52Gg6t2_AQbZr0GNdul7WHuyE2_K52bmzaF1a9BsPEf0U2Ff2touLkkrA8x_WEsBZqJr_w2kGuaVyOwofbowzsKMPqkOYOUPo1dIs2AU0p5OPx3JZjom6UxTZlM1_sQrzEiU1phUtz6s8qE59QtrecZk_Keq9nougYFgON4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xgkY2wtJNXXK1WyWe-SzTrqvKdQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c08ad2189cec61068fe509a653f1460af130be0d646938a52bf9c8271278ec6f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1gtm31qmgeard06krq87cknyrwzmm4hjtst03z0sk7nb1hf3ebnnhz77v291mcbsk3r5z7dpyr8jwnd8f7w86bypffrqgecawbvvemrnwhtedcdsk8t1we9m69xcvf041vv85qw1jqcf88cs8f32kfmjpd55s0fy6mtsrzfan6p7kd6fjp3c1ar602smerww8q1cf5mqe7vp8441v1q232yx3zdht4733dyj2csr10vph09ahdjw2xbdw3q4cvrw27cmd4sbw8z854mk86tty3by68vkadm6d97hss96rfggbn6g08348q7e5rw8v7mjy4szafhj9yn8txt077k3ebhzwfs0zgkgnmcdfjttvp2gf8w6epxvrpatgweqjaept7rr6zvp44sm7zsr6nsy2tetvrf72rmp4g3ew2saqawem10tn1bv7asz6w936c0d76gws5nn&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8NDHVoASZPHNA6zHx_APrJee-AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEgAJP0K-bFVbdti8XsUr0ZV5Yr66sXCp57Dtpc6TqSzxMVHTg1VLEHk0ETeXxmK4mnTOycMA1pLE3fnnPd-TroSxasfGhGrDgs8RXwt3xpd_vjD6qH4QhYyMKB6me7mxmpFLn9ToUmv2zwU70xn6Zx_4IL_m7BlRr5zOcngVhO3sMU5Gnui52Gg6t2_AQbZr0GNdul7WHuyE2_K52bmzaF1a9BsPEf0U2Ff2touLkkrA8x_WEsBZqJr_w2kGuaVyOwofbowzsKMPqkOYOUPo1dIs2AU0p5OPx3JZjom6UxTZlM1_sQrzEiU1phUtz6s8qE59QtrecZk_Keq9nougYFgON4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2xgkY2wtJNXXK1WyWe-SzTrqvKdQ%26client%3Dca-pub-4663753467999594%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a8999c52fff9213-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:35:03 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 285F 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=19458%2C188429%2C197862&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=64369f81fb561724c4f54962039ede43%2F2990747796723692709&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfqz9v6skd2jye7dyyy3cd7q1kmnh209sppdnst3gm7bnwpnky0jh6y3qh3nhhpfmqtvwy21zke5wekbxa5v0hbw979w9r1epa3w2trnj8swj3h2evk2xzxvy1bhfn2xytkzcyrz3hj1ejsmw6s680xxx4sqpmk0tp7ymjc3256kwjcew18ddfhvq87bm6wf25bnk2m6bxp7p5qjs1t7c6t9v5csqr8graetcnq954wvkcsxk3z4qzv04aqff2y75txzqnzfvr87hx26eyqwt37%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2rg2VoASZOnUK8Lj7gPklKugB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMBqgSAAk_QXHnjBdlqGlDUc9kBs-Y4gHWeWKh7fFdn5sqqbJ3bcFYlNXUNokN4EEeM3fwfErcBVzFXq7ujR7O7vOyvP7OGGg0-nLRi6_1UTL6wCJuYYUikIPL5a3dUhPTrACFTWWW78m4VXYyOoXJ7Z9dYzfrXkxwDzYIfInFVaJKwY3sRS2GWoWVk3hrq9azKf6V8Lj66Fty8LvoReiAneCS3r5GEWT3yP5kOS_-tqySh3X3wMHiMXJn2CoDzfvM8jBFex20M0qtbGBW7AKDevBAD9KWm15-G_2BEl-nyBHEMs_wuBmjjmmRS9uhSZRBUftMT5fvqv_Wmd4IsdivU8AeMVAbgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pSuQS7WbIJCBaoJJQ9HIiAJecw%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29e1d8c14a236e4b772ce93822d138e3e3d462c7b6905468cc195f132a996fa0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hrz5pks30fkse0nmnstnpy7nf72zy9v4mqya02cfgz5fqq9s1tcctkb5ef46f86g1e0sb7a3ay0tb741jnccf7ns9wgxr5dx7cbx6x2s0jrk5jymrvshbx6h6h2e4g190sa29rh3p237jmcfbf30mmfwsms8fq9e8g09ymh06173pq0c4cnvcx89ey752b9cn1ebe0bnahv65asaph5qvy7kdfqegepj05cxqpn83pwvwptgxjvpb126kfqrdgztjb4ezkcwsdwv869erfxkg954y66j2b2yzj7kpgczprayak85vpwnww3w2vxztaqshmcsb8rstsxpw7cfmcqydx4ka2zfzb9vj3bkybzyp8fstzb3ekt5ccysh039kr0bj00y7hsfr9apjw3bcspj8ecbmetszeaawvmvjjbb2qhfmc5fc3b6n3xbf6j8h9z6z9jxf4v&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2rg2VoASZOnUK8Lj7gPklKugB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMBqgSAAk_QXHnjBdlqGlDUc9kBs-Y4gHWeWKh7fFdn5sqqbJ3bcFYlNXUNokN4EEeM3fwfErcBVzFXq7ujR7O7vOyvP7OGGg0-nLRi6_1UTL6wCJuYYUikIPL5a3dUhPTrACFTWWW78m4VXYyOoXJ7Z9dYzfrXkxwDzYIfInFVaJKwY3sRS2GWoWVk3hrq9azKf6V8Lj66Fty8LvoReiAneCS3r5GEWT3yP5kOS_-tqySh3X3wMHiMXJn2CoDzfvM8jBFex20M0qtbGBW7AKDevBAD9KWm15-G_2BEl-nyBHEMs_wuBmjjmmRS9uhSZRBUftMT5fvqv_Wmd4IsdivU8AeMVAbgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_29pSuQS7WbIJCBaoJJQ9HIiAJecw%26client%3Dca-pub-4663753467999594%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a8999c528029213-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 02:35:03 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame B3D0 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C325408%2C29002&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CD13t3fwf26AYC3HmH9t1tkKwQsxSmTYYQSZMQg%2CxmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2Cdk8aEfkf5W2qcEHjHwtqC5wK3CeS4T55PfgVPW%2CY4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe&c=800&d=250&e=&g=307dd0c0ec66c5a5a55caa41fad61896%2F723741124875372859&i=21630%2C84417%2C25052&j=16%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103834&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gwv99q3pzw60219sxy42b2tx60j6sanmd34z7r6a4epeakyjcfq877qcew5gypt1tz4acmt3fhj78drtjt7pcmvhhcz6qkzhge7pw2505z0tfw4scy9ae7nad6pk346kvmzghdxj08car0q6s0e83qpyr9zec84cbrkmgzvatpabxkrk6eyz53986ah309npd08531ea3jwwk8tthz0y2dq7heb8pxmw2ky2x3nhyxrew2pdhh8z4k184kfd11q1td19vahy42pe3306cznwa0d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_gMoVoASZJzNGcT5-gbZi6nIAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QFkOhtqSvsB_DXfvZWX3sQhDVRnodOaVg3Qfg3fPkBqFrUUnJvUvgC3FN9-uWr9ZA3TOpGczRZYAsPBz5lGMphZ7GiHBqJ_1q3RiUCGSqJp-hcglevgemtrDuqBfFcWEzHg-CSwyApLBgLSPm__EU2qGF8NtI8txJHYZ2PTGPsdKM-nOqDDnwoy4dQbpHJuWyfvHMpfrI44slqDTajyxY_qm3eWDAvKajiXJBy_gpM51EW5e7OGGag29ZXDBGeU-sr4q8NIR-uXXDCgZlqR5OgfVxpUO_YfyPN0OaldnykgyfMXkpDdIW8JqW-rQuOoQrdtdC3TtX1f0kDQp9YfARI9sS4AQBgAaS9aHpmoa-1xagBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0t_Xs6HrGda2NuAB76qiUuoHAZhQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=19769%2C325408%2C29002&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CD13t3fwf26AYC3HmH9t1tkKwQsxSmTYYQSZMQg%2CxmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2Cdk8aEfkf5W2qcEHjHwtqC5wK3CeS4T55PfgVPW%2CY4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe&c=800&d=250&e=&g=307dd0c0ec66c5a5a55caa41fad61896%2F723741124875372859&i=21630%2C84417%2C25052&j=16%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103834&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gwv99q3pzw60219sxy42b2tx60j6sanmd34z7r6a4epeakyjcfq877qcew5gypt1tz4acmt3fhj78drtjt7pcmvhhcz6qkzhge7pw2505z0tfw4scy9ae7nad6pk346kvmzghdxj08car0q6s0e83qpyr9zec84cbrkmgzvatpabxkrk6eyz53986ah309npd08531ea3jwwk8tthz0y2dq7heb8pxmw2ky2x3nhyxrew2pdhh8z4k184kfd11q1td19vahy42pe3306cznwa0d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_gMoVoASZJzNGcT5-gbZi6nIAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QFkOhtqSvsB_DXfvZWX3sQhDVRnodOaVg3Qfg3fPkBqFrUUnJvUvgC3FN9-uWr9ZA3TOpGczRZYAsPBz5lGMphZ7GiHBqJ_1q3RiUCGSqJp-hcglevgemtrDuqBfFcWEzHg-CSwyApLBgLSPm__EU2qGF8NtI8txJHYZ2PTGPsdKM-nOqDDnwoy4dQbpHJuWyfvHMpfrI44slqDTajyxY_qm3eWDAvKajiXJBy_gpM51EW5e7OGGag29ZXDBGeU-sr4q8NIR-uXXDCgZlqR5OgfVxpUO_YfyPN0OaldnykgyfMXkpDdIW8JqW-rQuOoQrdtdC3TtX1f0kDQp9YfARI9sS4AQBgAaS9aHpmoa-1xagBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0t_Xs6HrGda2NuAB76qiUuoHAZhQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1677666448
age
57691
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 10:28:06 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1677666486645030
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dW%2BkF24gJQXFbUsAwFSGE%2BFvRNnljyIj5RIVX2CvukcLHzLBSOkdBTzYUdC7RJ%2BAZjvkK64WB6%2B%2BxiRcZrdyBMbjgnlbqK%2BMJwgpHXSyWBQaXvkT%2FKt6Pwtu4cgmdzq%2FL00%2BIsqBKYw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7a8999c558109213-FRA
expires
Thu, 16 Mar 2023 03:35:03 GMT
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame B3D0 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C325408%2C29002&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CD13t3fwf26AYC3HmH9t1tkKwQsxSmTYYQSZMQg%2CxmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2Cdk8aEfkf5W2qcEHjHwtqC5wK3CeS4T55PfgVPW%2CY4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe&c=800&d=250&e=&g=307dd0c0ec66c5a5a55caa41fad61896%2F723741124875372859&i=21630%2C84417%2C25052&j=16%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103834&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gwv99q3pzw60219sxy42b2tx60j6sanmd34z7r6a4epeakyjcfq877qcew5gypt1tz4acmt3fhj78drtjt7pcmvhhcz6qkzhge7pw2505z0tfw4scy9ae7nad6pk346kvmzghdxj08car0q6s0e83qpyr9zec84cbrkmgzvatpabxkrk6eyz53986ah309npd08531ea3jwwk8tthz0y2dq7heb8pxmw2ky2x3nhyxrew2pdhh8z4k184kfd11q1td19vahy42pe3306cznwa0d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_gMoVoASZJzNGcT5-gbZi6nIAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QFkOhtqSvsB_DXfvZWX3sQhDVRnodOaVg3Qfg3fPkBqFrUUnJvUvgC3FN9-uWr9ZA3TOpGczRZYAsPBz5lGMphZ7GiHBqJ_1q3RiUCGSqJp-hcglevgemtrDuqBfFcWEzHg-CSwyApLBgLSPm__EU2qGF8NtI8txJHYZ2PTGPsdKM-nOqDDnwoy4dQbpHJuWyfvHMpfrI44slqDTajyxY_qm3eWDAvKajiXJBy_gpM51EW5e7OGGag29ZXDBGeU-sr4q8NIR-uXXDCgZlqR5OgfVxpUO_YfyPN0OaldnykgyfMXkpDdIW8JqW-rQuOoQrdtdC3TtX1f0kDQp9YfARI9sS4AQBgAaS9aHpmoa-1xagBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0t_Xs6HrGda2NuAB76qiUuoHAZhQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
288499
cf-polished
origFmt=png, origSize=62828
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36446
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Oct 2022 15:02:47 GMT
server
cloudflare
etag
"e12c1a9f1887c09d377658838eaaa06d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dki4iwG4F%2FQrDzss98nZBMFdP6YhoElRRq1SpJuztLwgC7tpS0UjfcL29U1vWmJtf4b983CCJDVdLFWwYFHt5jE7e4AyhHNeJBqfwQSadczihGXJxSKqhP5vIM%2FhPGkrwPTEv2EdWJ2Pi8%2BZ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999c558119213-FRA
expires
Fri, 17 Mar 2023 02:35:03 GMT
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame B3D0 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C325408%2C29002&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CD13t3fwf26AYC3HmH9t1tkKwQsxSmTYYQSZMQg%2CxmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2Cdk8aEfkf5W2qcEHjHwtqC5wK3CeS4T55PfgVPW%2CY4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe&c=800&d=250&e=&g=307dd0c0ec66c5a5a55caa41fad61896%2F723741124875372859&i=21630%2C84417%2C25052&j=16%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103834&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gwv99q3pzw60219sxy42b2tx60j6sanmd34z7r6a4epeakyjcfq877qcew5gypt1tz4acmt3fhj78drtjt7pcmvhhcz6qkzhge7pw2505z0tfw4scy9ae7nad6pk346kvmzghdxj08car0q6s0e83qpyr9zec84cbrkmgzvatpabxkrk6eyz53986ah309npd08531ea3jwwk8tthz0y2dq7heb8pxmw2ky2x3nhyxrew2pdhh8z4k184kfd11q1td19vahy42pe3306cznwa0d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_gMoVoASZJzNGcT5-gbZi6nIAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QFkOhtqSvsB_DXfvZWX3sQhDVRnodOaVg3Qfg3fPkBqFrUUnJvUvgC3FN9-uWr9ZA3TOpGczRZYAsPBz5lGMphZ7GiHBqJ_1q3RiUCGSqJp-hcglevgemtrDuqBfFcWEzHg-CSwyApLBgLSPm__EU2qGF8NtI8txJHYZ2PTGPsdKM-nOqDDnwoy4dQbpHJuWyfvHMpfrI44slqDTajyxY_qm3eWDAvKajiXJBy_gpM51EW5e7OGGag29ZXDBGeU-sr4q8NIR-uXXDCgZlqR5OgfVxpUO_YfyPN0OaldnykgyfMXkpDdIW8JqW-rQuOoQrdtdC3TtX1f0kDQp9YfARI9sS4AQBgAaS9aHpmoa-1xagBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0t_Xs6HrGda2NuAB76qiUuoHAZhQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
536314
cf-polished
qual=85, origFmt=jpeg, origSize=133780
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28740
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Feb 2020 10:22:01 GMT
server
cloudflare
etag
"d061ca155f758f490340e147604dc3ee"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3askQ5iAOeKs2aEE8n2HajHBV3v9BM%2BrKlSbStTS41O2B%2BkjFl7%2BzN%2BV31AwQASudgENcW%2Bi0MugEQEwHnNeVGv%2FKAEdwWdlMKrCfFamJPdRfo9Qo7uhOPpINcWfxsovUSbr052vOEwXVSX"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999c5681a9213-FRA
expires
Fri, 17 Mar 2023 02:35:03 GMT
cshow.php
www.awin1.com/ Frame B3D0 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C325408%2C29002&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CD13t3fwf26AYC3HmH9t1tkKwQsxSmTYYQSZMQg%2CxmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2Cdk8aEfkf5W2qcEHjHwtqC5wK3CeS4T55PfgVPW%2CY4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe&c=800&d=250&e=&g=307dd0c0ec66c5a5a55caa41fad61896%2F723741124875372859&i=21630%2C84417%2C25052&j=16%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103834&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gwv99q3pzw60219sxy42b2tx60j6sanmd34z7r6a4epeakyjcfq877qcew5gypt1tz4acmt3fhj78drtjt7pcmvhhcz6qkzhge7pw2505z0tfw4scy9ae7nad6pk346kvmzghdxj08car0q6s0e83qpyr9zec84cbrkmgzvatpabxkrk6eyz53986ah309npd08531ea3jwwk8tthz0y2dq7heb8pxmw2ky2x3nhyxrew2pdhh8z4k184kfd11q1td19vahy42pe3306cznwa0d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_gMoVoASZJzNGcT5-gbZi6nIAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QFkOhtqSvsB_DXfvZWX3sQhDVRnodOaVg3Qfg3fPkBqFrUUnJvUvgC3FN9-uWr9ZA3TOpGczRZYAsPBz5lGMphZ7GiHBqJ_1q3RiUCGSqJp-hcglevgemtrDuqBfFcWEzHg-CSwyApLBgLSPm__EU2qGF8NtI8txJHYZ2PTGPsdKM-nOqDDnwoy4dQbpHJuWyfvHMpfrI44slqDTajyxY_qm3eWDAvKajiXJBy_gpM51EW5e7OGGag29ZXDBGeU-sr4q8NIR-uXXDCgZlqR5OgfVxpUO_YfyPN0OaldnykgyfMXkpDdIW8JqW-rQuOoQrdtdC3TtX1f0kDQp9YfARI9sS4AQBgAaS9aHpmoa-1xagBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0t_Xs6HrGda2NuAB76qiUuoHAZhQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.44.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-44-80.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:03 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
4A07706B34A11961B8AE8FC77F58A3EA0206C5E6A560AE65EDB0FE4FAEE718E7F697C964CD3919045843303DE4EF8C06F644B1ADA3CDFB536E3B894F194FB2DA
assets.ad4m.at/logo/ Frame B3D0 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/4A07706B34A11961B8AE8FC77F58A3EA0206C5E6A560AE65EDB0FE4FAEE718E7F697C964CD3919045843303DE4EF8C06F644B1ADA3CDFB536E3B894F194FB2DA
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C325408%2C29002&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CD13t3fwf26AYC3HmH9t1tkKwQsxSmTYYQSZMQg%2CxmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2Cdk8aEfkf5W2qcEHjHwtqC5wK3CeS4T55PfgVPW%2CY4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe&c=800&d=250&e=&g=307dd0c0ec66c5a5a55caa41fad61896%2F723741124875372859&i=21630%2C84417%2C25052&j=16%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103834&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gwv99q3pzw60219sxy42b2tx60j6sanmd34z7r6a4epeakyjcfq877qcew5gypt1tz4acmt3fhj78drtjt7pcmvhhcz6qkzhge7pw2505z0tfw4scy9ae7nad6pk346kvmzghdxj08car0q6s0e83qpyr9zec84cbrkmgzvatpabxkrk6eyz53986ah309npd08531ea3jwwk8tthz0y2dq7heb8pxmw2ky2x3nhyxrew2pdhh8z4k184kfd11q1td19vahy42pe3306cznwa0d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_gMoVoASZJzNGcT5-gbZi6nIAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QFkOhtqSvsB_DXfvZWX3sQhDVRnodOaVg3Qfg3fPkBqFrUUnJvUvgC3FN9-uWr9ZA3TOpGczRZYAsPBz5lGMphZ7GiHBqJ_1q3RiUCGSqJp-hcglevgemtrDuqBfFcWEzHg-CSwyApLBgLSPm__EU2qGF8NtI8txJHYZ2PTGPsdKM-nOqDDnwoy4dQbpHJuWyfvHMpfrI44slqDTajyxY_qm3eWDAvKajiXJBy_gpM51EW5e7OGGag29ZXDBGeU-sr4q8NIR-uXXDCgZlqR5OgfVxpUO_YfyPN0OaldnykgyfMXkpDdIW8JqW-rQuOoQrdtdC3TtX1f0kDQp9YfARI9sS4AQBgAaS9aHpmoa-1xagBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0t_Xs6HrGda2NuAB76qiUuoHAZhQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d21039999ba2383e87ae4b094dfb7e598e9b4cf8b78eaeabebd8d31485bd923

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1925517
cf-polished
origFmt=png, origSize=11979
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3388
cf-bgj
imgq:85,h2pri
last-modified
Wed, 24 Aug 2022 10:43:12 GMT
server
cloudflare
etag
"52006a9bff31cff653afd13a1a692bc1"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssJvmhzW55wBjMN62WBL1SpHZgg9H8l8gxN63duaa%2BsiBpdNngvrDmo6mGVxnksVoHzP3Pv7Z35k%2F9nAIGue7qwS42Vf2j%2B%2Fv8s7w4jm9IQIHfr3sYzBqr2ed3EqQJdM7CVMDN6Clc8vX06x"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999c5681d9213-FRA
expires
Fri, 17 Mar 2023 02:35:03 GMT
35BEB9A3206693EFB6A58B7D638EB6905FF0D5C220E513807B9BB2A7DFC08632AB0EC9DAC6B8152D36D1EEBB97DED57F790393CF9B67A4F312E5470C8C9A28D7
assets.ad4m.at/product_image/ Frame B3D0 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/35BEB9A3206693EFB6A58B7D638EB6905FF0D5C220E513807B9BB2A7DFC08632AB0EC9DAC6B8152D36D1EEBB97DED57F790393CF9B67A4F312E5470C8C9A28D7
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C325408%2C29002&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CD13t3fwf26AYC3HmH9t1tkKwQsxSmTYYQSZMQg%2CxmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2Cdk8aEfkf5W2qcEHjHwtqC5wK3CeS4T55PfgVPW%2CY4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe&c=800&d=250&e=&g=307dd0c0ec66c5a5a55caa41fad61896%2F723741124875372859&i=21630%2C84417%2C25052&j=16%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103834&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gwv99q3pzw60219sxy42b2tx60j6sanmd34z7r6a4epeakyjcfq877qcew5gypt1tz4acmt3fhj78drtjt7pcmvhhcz6qkzhge7pw2505z0tfw4scy9ae7nad6pk346kvmzghdxj08car0q6s0e83qpyr9zec84cbrkmgzvatpabxkrk6eyz53986ah309npd08531ea3jwwk8tthz0y2dq7heb8pxmw2ky2x3nhyxrew2pdhh8z4k184kfd11q1td19vahy42pe3306cznwa0d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_gMoVoASZJzNGcT5-gbZi6nIAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QFkOhtqSvsB_DXfvZWX3sQhDVRnodOaVg3Qfg3fPkBqFrUUnJvUvgC3FN9-uWr9ZA3TOpGczRZYAsPBz5lGMphZ7GiHBqJ_1q3RiUCGSqJp-hcglevgemtrDuqBfFcWEzHg-CSwyApLBgLSPm__EU2qGF8NtI8txJHYZ2PTGPsdKM-nOqDDnwoy4dQbpHJuWyfvHMpfrI44slqDTajyxY_qm3eWDAvKajiXJBy_gpM51EW5e7OGGag29ZXDBGeU-sr4q8NIR-uXXDCgZlqR5OgfVxpUO_YfyPN0OaldnykgyfMXkpDdIW8JqW-rQuOoQrdtdC3TtX1f0kDQp9YfARI9sS4AQBgAaS9aHpmoa-1xagBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0t_Xs6HrGda2NuAB76qiUuoHAZhQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
719377058580946e16f93fe38889e85f67fbdb94420006ba52787a3765e9d34a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2535946
cf-polished
origFmt=png, origSize=175148
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
83730
cf-bgj
imgq:85,h2pri
last-modified
Wed, 14 Dec 2022 17:29:28 GMT
server
cloudflare
etag
"821542ea3d3ef473006c2cb80fd5e97d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xI4BiOIhDSVZ0ZzaCXDaWqtbu%2BJFDowqskMYct7oHslu6hp8IUfKtw9FfQypcr502ulK3sv65vVRPBpsyU%2B%2F%2BdCcwzr8FGE7VZeR1St1ETu2FSMvU14byeh0OSt61FiZX46NVbqYnugWprdv"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999c5681e9213-FRA
expires
Fri, 17 Mar 2023 02:35:03 GMT
tsv
ppwgfd.aladin-shishashop.de/ts/i5547039/ Frame B3D0 		43 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ppwgfd.aladin-shishashop.de/ts/i5547039/tsv?amc=dis.blbn.455799.507632.CRTTe0c239t&smc1=oneidD13t3fwf26AYC3HmH9t1tkKwQsxSmTYYQSZMQgoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C325408%2C29002&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CD13t3fwf26AYC3HmH9t1tkKwQsxSmTYYQSZMQg%2CxmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2Cdk8aEfkf5W2qcEHjHwtqC5wK3CeS4T55PfgVPW%2CY4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe&c=800&d=250&e=&g=307dd0c0ec66c5a5a55caa41fad61896%2F723741124875372859&i=21630%2C84417%2C25052&j=16%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103834&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gwv99q3pzw60219sxy42b2tx60j6sanmd34z7r6a4epeakyjcfq877qcew5gypt1tz4acmt3fhj78drtjt7pcmvhhcz6qkzhge7pw2505z0tfw4scy9ae7nad6pk346kvmzghdxj08car0q6s0e83qpyr9zec84cbrkmgzvatpabxkrk6eyz53986ah309npd08531ea3jwwk8tthz0y2dq7heb8pxmw2ky2x3nhyxrew2pdhh8z4k184kfd11q1td19vahy42pe3306cznwa0d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_gMoVoASZJzNGcT5-gbZi6nIAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QFkOhtqSvsB_DXfvZWX3sQhDVRnodOaVg3Qfg3fPkBqFrUUnJvUvgC3FN9-uWr9ZA3TOpGczRZYAsPBz5lGMphZ7GiHBqJ_1q3RiUCGSqJp-hcglevgemtrDuqBfFcWEzHg-CSwyApLBgLSPm__EU2qGF8NtI8txJHYZ2PTGPsdKM-nOqDDnwoy4dQbpHJuWyfvHMpfrI44slqDTajyxY_qm3eWDAvKajiXJBy_gpM51EW5e7OGGag29ZXDBGeU-sr4q8NIR-uXXDCgZlqR5OgfVxpUO_YfyPN0OaldnykgyfMXkpDdIW8JqW-rQuOoQrdtdC3TtX1f0kDQp9YfARI9sS4AQBgAaS9aHpmoa-1xagBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0t_Xs6HrGda2NuAB76qiUuoHAZhQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.187.21.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:03 GMT
last-modified
Thu, 16 Mar 2023 02:35:03 GMT
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-length
43
x-xss-protection
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
7DC86BB3A0677D1A111CF2F02BF20FC822723E084233C66D05A3D22F9BFF9CBFABB3E42ACE676F78BB64730FEC16E4997CC372D96DF4EFE43050DA28B276D6EA
assets.ad4m.at/logo/ Frame B3D0 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/7DC86BB3A0677D1A111CF2F02BF20FC822723E084233C66D05A3D22F9BFF9CBFABB3E42ACE676F78BB64730FEC16E4997CC372D96DF4EFE43050DA28B276D6EA
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C325408%2C29002&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CD13t3fwf26AYC3HmH9t1tkKwQsxSmTYYQSZMQg%2CxmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2Cdk8aEfkf5W2qcEHjHwtqC5wK3CeS4T55PfgVPW%2CY4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe&c=800&d=250&e=&g=307dd0c0ec66c5a5a55caa41fad61896%2F723741124875372859&i=21630%2C84417%2C25052&j=16%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103834&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gwv99q3pzw60219sxy42b2tx60j6sanmd34z7r6a4epeakyjcfq877qcew5gypt1tz4acmt3fhj78drtjt7pcmvhhcz6qkzhge7pw2505z0tfw4scy9ae7nad6pk346kvmzghdxj08car0q6s0e83qpyr9zec84cbrkmgzvatpabxkrk6eyz53986ah309npd08531ea3jwwk8tthz0y2dq7heb8pxmw2ky2x3nhyxrew2pdhh8z4k184kfd11q1td19vahy42pe3306cznwa0d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_gMoVoASZJzNGcT5-gbZi6nIAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QFkOhtqSvsB_DXfvZWX3sQhDVRnodOaVg3Qfg3fPkBqFrUUnJvUvgC3FN9-uWr9ZA3TOpGczRZYAsPBz5lGMphZ7GiHBqJ_1q3RiUCGSqJp-hcglevgemtrDuqBfFcWEzHg-CSwyApLBgLSPm__EU2qGF8NtI8txJHYZ2PTGPsdKM-nOqDDnwoy4dQbpHJuWyfvHMpfrI44slqDTajyxY_qm3eWDAvKajiXJBy_gpM51EW5e7OGGag29ZXDBGeU-sr4q8NIR-uXXDCgZlqR5OgfVxpUO_YfyPN0OaldnykgyfMXkpDdIW8JqW-rQuOoQrdtdC3TtX1f0kDQp9YfARI9sS4AQBgAaS9aHpmoa-1xagBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0t_Xs6HrGda2NuAB76qiUuoHAZhQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80e7bfe2aaa1b8be1ff5792cf190eb4b9e7d922240eea9ccc0a835b2bbde9f56

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
782514
cf-polished
qual=85, origFmt=jpeg, origSize=20298
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6740
cf-bgj
imgq:85,h2pri
last-modified
Tue, 19 Jul 2022 19:05:28 GMT
server
cloudflare
etag
"dcdbfc63ef930c205a6c8ec70a6f5e71"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otNPD8e%2FRiilqUoOTwugPlgadlIuAU3qoXGNOvqu0ErKBOBZnDqYJGEZ2JK3ndgUT6CMHs4Y4n6ArDIp%2FQfutXZ0QFWMfgxcdu3U5%2BJrgIes7SILUeIiXvsN%2BfPzmVnzzm7U9HzFWiCDzSQi"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999c5681f9213-FRA
expires
Fri, 17 Mar 2023 02:35:03 GMT
EEACCF1387D6770984DA8E61AC19B9B106EFAB433C9BC99F272CCDE7F6C5F6963A2BD7EDCA944083C5D1FA54EA7EB69DFB75D9EFC064FB7CC124FCCC8412C2AC
assets.ad4m.at/product_image/ Frame B3D0 		256 KB
257 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EEACCF1387D6770984DA8E61AC19B9B106EFAB433C9BC99F272CCDE7F6C5F6963A2BD7EDCA944083C5D1FA54EA7EB69DFB75D9EFC064FB7CC124FCCC8412C2AC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C325408%2C29002&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CD13t3fwf26AYC3HmH9t1tkKwQsxSmTYYQSZMQg%2CxmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2Cdk8aEfkf5W2qcEHjHwtqC5wK3CeS4T55PfgVPW%2CY4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe&c=800&d=250&e=&g=307dd0c0ec66c5a5a55caa41fad61896%2F723741124875372859&i=21630%2C84417%2C25052&j=16%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103834&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gwv99q3pzw60219sxy42b2tx60j6sanmd34z7r6a4epeakyjcfq877qcew5gypt1tz4acmt3fhj78drtjt7pcmvhhcz6qkzhge7pw2505z0tfw4scy9ae7nad6pk346kvmzghdxj08car0q6s0e83qpyr9zec84cbrkmgzvatpabxkrk6eyz53986ah309npd08531ea3jwwk8tthz0y2dq7heb8pxmw2ky2x3nhyxrew2pdhh8z4k184kfd11q1td19vahy42pe3306cznwa0d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_gMoVoASZJzNGcT5-gbZi6nIAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QFkOhtqSvsB_DXfvZWX3sQhDVRnodOaVg3Qfg3fPkBqFrUUnJvUvgC3FN9-uWr9ZA3TOpGczRZYAsPBz5lGMphZ7GiHBqJ_1q3RiUCGSqJp-hcglevgemtrDuqBfFcWEzHg-CSwyApLBgLSPm__EU2qGF8NtI8txJHYZ2PTGPsdKM-nOqDDnwoy4dQbpHJuWyfvHMpfrI44slqDTajyxY_qm3eWDAvKajiXJBy_gpM51EW5e7OGGag29ZXDBGeU-sr4q8NIR-uXXDCgZlqR5OgfVxpUO_YfyPN0OaldnykgyfMXkpDdIW8JqW-rQuOoQrdtdC3TtX1f0kDQp9YfARI9sS4AQBgAaS9aHpmoa-1xagBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0t_Xs6HrGda2NuAB76qiUuoHAZhQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
231515acac534354a11000685ba5e093bdf4b6d6bd3ca7455b6bb5a7502c570c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1384606
cf-polished
origFmt=png, origSize=404140
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
262476
cf-bgj
imgq:85,h2pri
last-modified
Tue, 31 May 2022 12:50:17 GMT
server
cloudflare
etag
"2ffe877a2fd7c65a1f5b57fbcb242dc1"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJyRql1j9g9ImqpUwKSaanNZM35Np8xXf2bwABbbSO9Grqwktk0pHxERnfbBQYkisAdqFZNknL4XXgByvepd%2BR0H4jAj%2F0GDlqBMeZslBZORO77TOsyz6bo93guSqZTKlvZ4BBVXS9M5QzrN"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999c568209213-FRA
expires
Fri, 17 Mar 2023 02:35:03 GMT
/
pvx.freenet-mobilfunk.de/ Frame B3D0
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2524318&v=11420&q=392147&r=412871&pv=1&pref3=oneidxmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1678934103_2829d870-c3a3-11ed-b09e-2262db7920ac
43 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1678934103_2829d870-c3a3-11ed-b09e-2262db7920ac
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C325408%2C29002&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CD13t3fwf26AYC3HmH9t1tkKwQsxSmTYYQSZMQg%2CxmDFQfAf7EJCPHdHztQtxJEH7S6TKKps17xd&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2Cdk8aEfkf5W2qcEHjHwtqC5wK3CeS4T55PfgVPW%2CY4Xsrf3fr5gaVH9HetgCpQ5HkS1Tddju1ZYe&c=800&d=250&e=&g=307dd0c0ec66c5a5a55caa41fad61896%2F723741124875372859&i=21630%2C84417%2C25052&j=16%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103834&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gwv99q3pzw60219sxy42b2tx60j6sanmd34z7r6a4epeakyjcfq877qcew5gypt1tz4acmt3fhj78drtjt7pcmvhhcz6qkzhge7pw2505z0tfw4scy9ae7nad6pk346kvmzghdxj08car0q6s0e83qpyr9zec84cbrkmgzvatpabxkrk6eyz53986ah309npd08531ea3jwwk8tthz0y2dq7heb8pxmw2ky2x3nhyxrew2pdhh8z4k184kfd11q1td19vahy42pe3306cznwa0d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_gMoVoASZJzNGcT5-gbZi6nIAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAgDnZx5_v7E-4AIAqAMBqgSEAk_QFkOhtqSvsB_DXfvZWX3sQhDVRnodOaVg3Qfg3fPkBqFrUUnJvUvgC3FN9-uWr9ZA3TOpGczRZYAsPBz5lGMphZ7GiHBqJ_1q3RiUCGSqJp-hcglevgemtrDuqBfFcWEzHg-CSwyApLBgLSPm__EU2qGF8NtI8txJHYZ2PTGPsdKM-nOqDDnwoy4dQbpHJuWyfvHMpfrI44slqDTajyxY_qm3eWDAvKajiXJBy_gpM51EW5e7OGGag29ZXDBGeU-sr4q8NIR-uXXDCgZlqR5OgfVxpUO_YfyPN0OaldnykgyfMXkpDdIW8JqW-rQuOoQrdtdC3TtX1f0kDQp9YfARI9sS4AQBgAaS9aHpmoa-1xagBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0t_Xs6HrGda2NuAB76qiUuoHAZhQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700:4400::6812:20ce -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
Security Headers
Name Value
Strict-Transport-Security max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p
CP="ALL CUR DEV PSA OUR IND STA"
date
Thu, 16 Mar 2023 02:35:04 GMT
strict-transport-security
max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7a8999c7b9726946-FRA
content-type
image/gif

Redirect headers

Date
Thu, 16 Mar 2023 02:35:03 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1678934103_2829d870-c3a3-11ed-b09e-2262db7920ac
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 1213 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=63352%2C64769%2C117569&b=PGBuBfbfKY6mt9HjHbtMtY9qCJS9TDDAU6R3D%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=bk8aQfZfKqZRtYHbHzt8CqGxubSJTMMZHKqQP%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=fbdd7d044dd5f0856f103cfefc557fa0%2F969736781405137192&i=28908%2C27835%2C29981&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103836&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcw6wt12gjdeks4b4gnrapx75hyk3v2d86vdy5tvbgdpvh60v2asea1x2nb82337jt5vn768hhhj22eat1mg2768g4b470284a4hqq0hc0x1vdazce949zwwbczsw9r2hkaa1k6xwyfra77ht8w6vv9vt6fyngwjnrpts6pkp3b4g3c3y8h78sym3wvcm4gkn5g0r1rkkzn64xpxyj2rbcga6kycz9d05w58zk7pmcyfdzd9n7p8am028rbaky6mypzw90gapcqe3zvaa71mdyx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8NDHVoASZPHNA6zHx_APrJee-AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEgAJP0K-bFVbdti8XsUr0ZV5Yr66sXCp57Dtpc6TqSzxMVHTg1VLEHk0ETeXxmK4mnTOycMA1pLE3fnnPd-TroSxasfGhGrDgs8RXwt3xpd_vjD6qH4QhYyMKB6me7mxmpFLn9ToUmv2zwU70xn6Zx_4IL_m7BlRr5zOcngVhO3sMU5Gnui52Gg6t2_AQbZr0GNdul7WHuyE2_K52bmzaF1a9BsPEf0U2Ff2touLkkrA8x_WEsBZqJr_w2kGuaVyOwofbowzsKMPqkOYOUPo1dIs2AU0p5OPx3JZjom6UxTZlM1_sQrzEiU1phUtz6s8qE59QtrecZk_Keq9nougYFgON4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xgkY2wtJNXXK1WyWe-SzTrqvKdQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=63352%2C64769%2C117569&b=PGBuBfbfKY6mt9HjHbtMtY9qCJS9TDDAU6R3D%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=bk8aQfZfKqZRtYHbHzt8CqGxubSJTMMZHKqQP%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=fbdd7d044dd5f0856f103cfefc557fa0%2F969736781405137192&i=28908%2C27835%2C29981&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103836&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcw6wt12gjdeks4b4gnrapx75hyk3v2d86vdy5tvbgdpvh60v2asea1x2nb82337jt5vn768hhhj22eat1mg2768g4b470284a4hqq0hc0x1vdazce949zwwbczsw9r2hkaa1k6xwyfra77ht8w6vv9vt6fyngwjnrpts6pkp3b4g3c3y8h78sym3wvcm4gkn5g0r1rkkzn64xpxyj2rbcga6kycz9d05w58zk7pmcyfdzd9n7p8am028rbaky6mypzw90gapcqe3zvaa71mdyx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8NDHVoASZPHNA6zHx_APrJee-AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEgAJP0K-bFVbdti8XsUr0ZV5Yr66sXCp57Dtpc6TqSzxMVHTg1VLEHk0ETeXxmK4mnTOycMA1pLE3fnnPd-TroSxasfGhGrDgs8RXwt3xpd_vjD6qH4QhYyMKB6me7mxmpFLn9ToUmv2zwU70xn6Zx_4IL_m7BlRr5zOcngVhO3sMU5Gnui52Gg6t2_AQbZr0GNdul7WHuyE2_K52bmzaF1a9BsPEf0U2Ff2touLkkrA8x_WEsBZqJr_w2kGuaVyOwofbowzsKMPqkOYOUPo1dIs2AU0p5OPx3JZjom6UxTZlM1_sQrzEiU1phUtz6s8qE59QtrecZk_Keq9nougYFgON4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xgkY2wtJNXXK1WyWe-SzTrqvKdQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1677666448
age
57691
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 10:28:06 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1677666486645030
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2FkoAD5aQUe5QcQ4iX128jKvKpPdBmMyYnX%2FdYqM3Q8xVAq0gaJFhPyKyQv%2BpH5B20qxiNbsWYY9aZ71p8tD%2F1imoyO7l6b1SW10BPPa0Na90n%2FqnaEVVAcvn02F2LX5%2BPDsllha6EA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7a8999c568159213-FRA
expires
Thu, 16 Mar 2023 03:35:03 GMT
CEA01F26ECDA379B989AFCCDD90D855E85BC4EDC0167FDDF6D7518E94FACA1E86F5413262BA983FD7B3EB522C0EFBE68D862FAE17675C1759EF9CEF695FF252E
assets.ad4m.at/logo/ Frame 1213 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/CEA01F26ECDA379B989AFCCDD90D855E85BC4EDC0167FDDF6D7518E94FACA1E86F5413262BA983FD7B3EB522C0EFBE68D862FAE17675C1759EF9CEF695FF252E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=63352%2C64769%2C117569&b=PGBuBfbfKY6mt9HjHbtMtY9qCJS9TDDAU6R3D%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=bk8aQfZfKqZRtYHbHzt8CqGxubSJTMMZHKqQP%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=fbdd7d044dd5f0856f103cfefc557fa0%2F969736781405137192&i=28908%2C27835%2C29981&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103836&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcw6wt12gjdeks4b4gnrapx75hyk3v2d86vdy5tvbgdpvh60v2asea1x2nb82337jt5vn768hhhj22eat1mg2768g4b470284a4hqq0hc0x1vdazce949zwwbczsw9r2hkaa1k6xwyfra77ht8w6vv9vt6fyngwjnrpts6pkp3b4g3c3y8h78sym3wvcm4gkn5g0r1rkkzn64xpxyj2rbcga6kycz9d05w58zk7pmcyfdzd9n7p8am028rbaky6mypzw90gapcqe3zvaa71mdyx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8NDHVoASZPHNA6zHx_APrJee-AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEgAJP0K-bFVbdti8XsUr0ZV5Yr66sXCp57Dtpc6TqSzxMVHTg1VLEHk0ETeXxmK4mnTOycMA1pLE3fnnPd-TroSxasfGhGrDgs8RXwt3xpd_vjD6qH4QhYyMKB6me7mxmpFLn9ToUmv2zwU70xn6Zx_4IL_m7BlRr5zOcngVhO3sMU5Gnui52Gg6t2_AQbZr0GNdul7WHuyE2_K52bmzaF1a9BsPEf0U2Ff2touLkkrA8x_WEsBZqJr_w2kGuaVyOwofbowzsKMPqkOYOUPo1dIs2AU0p5OPx3JZjom6UxTZlM1_sQrzEiU1phUtz6s8qE59QtrecZk_Keq9nougYFgON4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xgkY2wtJNXXK1WyWe-SzTrqvKdQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f529e54c362dfb6b4d2ac0c2ea7e9e669d9a082b76e08c29a770b18ed54b58b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1577140
cf-polished
origFmt=png, origSize=14213
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4130
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 Jul 2022 10:21:55 GMT
server
cloudflare
etag
"b2cd853289d9bbd9287c939fa27fb2a1"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwtGPYwUkWeBsjAxysL8TMJH2srRklDqGuUwDzpIN2k0OcBYANkLlsnE08rmshjYnhORhvnqJ4AiJmrqL79w5lFHf62bFogJx8436gwnS5psmPoU49sDVhYtAfzNn03EFQ7%2B4shGZ9XHYji%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999c568179213-FRA
expires
Fri, 17 Mar 2023 02:35:03 GMT
AC92F6AF8AC9E05981E54B75AE60F30FA9528DE6C5B3D7072BCFD09159AE2D024FE1F7A82CEB3B725CB5412F991B87793BC7B08D68110A9D5DBAAF8D3FAA3780
assets.ad4m.at/product_image/ Frame 1213 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/AC92F6AF8AC9E05981E54B75AE60F30FA9528DE6C5B3D7072BCFD09159AE2D024FE1F7A82CEB3B725CB5412F991B87793BC7B08D68110A9D5DBAAF8D3FAA3780
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=63352%2C64769%2C117569&b=PGBuBfbfKY6mt9HjHbtMtY9qCJS9TDDAU6R3D%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=bk8aQfZfKqZRtYHbHzt8CqGxubSJTMMZHKqQP%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=fbdd7d044dd5f0856f103cfefc557fa0%2F969736781405137192&i=28908%2C27835%2C29981&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103836&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcw6wt12gjdeks4b4gnrapx75hyk3v2d86vdy5tvbgdpvh60v2asea1x2nb82337jt5vn768hhhj22eat1mg2768g4b470284a4hqq0hc0x1vdazce949zwwbczsw9r2hkaa1k6xwyfra77ht8w6vv9vt6fyngwjnrpts6pkp3b4g3c3y8h78sym3wvcm4gkn5g0r1rkkzn64xpxyj2rbcga6kycz9d05w58zk7pmcyfdzd9n7p8am028rbaky6mypzw90gapcqe3zvaa71mdyx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8NDHVoASZPHNA6zHx_APrJee-AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEgAJP0K-bFVbdti8XsUr0ZV5Yr66sXCp57Dtpc6TqSzxMVHTg1VLEHk0ETeXxmK4mnTOycMA1pLE3fnnPd-TroSxasfGhGrDgs8RXwt3xpd_vjD6qH4QhYyMKB6me7mxmpFLn9ToUmv2zwU70xn6Zx_4IL_m7BlRr5zOcngVhO3sMU5Gnui52Gg6t2_AQbZr0GNdul7WHuyE2_K52bmzaF1a9BsPEf0U2Ff2touLkkrA8x_WEsBZqJr_w2kGuaVyOwofbowzsKMPqkOYOUPo1dIs2AU0p5OPx3JZjom6UxTZlM1_sQrzEiU1phUtz6s8qE59QtrecZk_Keq9nougYFgON4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xgkY2wtJNXXK1WyWe-SzTrqvKdQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a11e4590d75f3922d0e91405b5f94a6a7ea6ddb2f4baa9bd5392a2d1f30944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1235425
cf-polished
qual=85, origFmt=jpeg, origSize=210448
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
95192
cf-bgj
imgq:85,h2pri
last-modified
Tue, 19 Apr 2022 10:13:37 GMT
server
cloudflare
etag
"d61f1d0dabd5001038c005af387ed3ed"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYZxlqPgIutczbD0LZKFyzYauBtN6rYq%2FRA4gFNDV6X5UvQUhaoFzxhRCyaUvS6vBd%2Bc8JB46tB%2BTQx2QEXjojCoSlrY3mVGtuP6zvpIKWXcft4GTMKL2kOrhZH4ub7GAPjHpwiVayRQ9kyV"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999c578279213-FRA
expires
Fri, 17 Mar 2023 02:35:03 GMT
963fb8e2eec080164ced0d8b1bcc4e5d
trck.trendtours.de/trck/epv/ Frame 1213 		731 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trck.trendtours.de/trck/epv/963fb8e2eec080164ced0d8b1bcc4e5d?subid=oneidPGBuBfbfKY6mt9HjHbtMtY9qCJS9TDDAU6R3Doneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=63352%2C64769%2C117569&b=PGBuBfbfKY6mt9HjHbtMtY9qCJS9TDDAU6R3D%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=bk8aQfZfKqZRtYHbHzt8CqGxubSJTMMZHKqQP%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=fbdd7d044dd5f0856f103cfefc557fa0%2F969736781405137192&i=28908%2C27835%2C29981&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103836&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcw6wt12gjdeks4b4gnrapx75hyk3v2d86vdy5tvbgdpvh60v2asea1x2nb82337jt5vn768hhhj22eat1mg2768g4b470284a4hqq0hc0x1vdazce949zwwbczsw9r2hkaa1k6xwyfra77ht8w6vv9vt6fyngwjnrpts6pkp3b4g3c3y8h78sym3wvcm4gkn5g0r1rkkzn64xpxyj2rbcga6kycz9d05w58zk7pmcyfdzd9n7p8am028rbaky6mypzw90gapcqe3zvaa71mdyx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8NDHVoASZPHNA6zHx_APrJee-AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEgAJP0K-bFVbdti8XsUr0ZV5Yr66sXCp57Dtpc6TqSzxMVHTg1VLEHk0ETeXxmK4mnTOycMA1pLE3fnnPd-TroSxasfGhGrDgs8RXwt3xpd_vjD6qH4QhYyMKB6me7mxmpFLn9ToUmv2zwU70xn6Zx_4IL_m7BlRr5zOcngVhO3sMU5Gnui52Gg6t2_AQbZr0GNdul7WHuyE2_K52bmzaF1a9BsPEf0U2Ff2touLkkrA8x_WEsBZqJr_w2kGuaVyOwofbowzsKMPqkOYOUPo1dIs2AU0p5OPx3JZjom6UxTZlM1_sQrzEiU1phUtz6s8qE59QtrecZk_Keq9nougYFgON4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xgkY2wtJNXXK1WyWe-SzTrqvKdQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.212.112 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a0362f2908903573e95d7a313896bd8cdf45a678449b2492a1dd865799c65918

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:04 GMT
server
nginx
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-https-header
1
access-control-allow-headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
assets.ad4m.at/logo/ Frame 1213 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=63352%2C64769%2C117569&b=PGBuBfbfKY6mt9HjHbtMtY9qCJS9TDDAU6R3D%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=bk8aQfZfKqZRtYHbHzt8CqGxubSJTMMZHKqQP%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=fbdd7d044dd5f0856f103cfefc557fa0%2F969736781405137192&i=28908%2C27835%2C29981&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103836&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcw6wt12gjdeks4b4gnrapx75hyk3v2d86vdy5tvbgdpvh60v2asea1x2nb82337jt5vn768hhhj22eat1mg2768g4b470284a4hqq0hc0x1vdazce949zwwbczsw9r2hkaa1k6xwyfra77ht8w6vv9vt6fyngwjnrpts6pkp3b4g3c3y8h78sym3wvcm4gkn5g0r1rkkzn64xpxyj2rbcga6kycz9d05w58zk7pmcyfdzd9n7p8am028rbaky6mypzw90gapcqe3zvaa71mdyx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8NDHVoASZPHNA6zHx_APrJee-AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEgAJP0K-bFVbdti8XsUr0ZV5Yr66sXCp57Dtpc6TqSzxMVHTg1VLEHk0ETeXxmK4mnTOycMA1pLE3fnnPd-TroSxasfGhGrDgs8RXwt3xpd_vjD6qH4QhYyMKB6me7mxmpFLn9ToUmv2zwU70xn6Zx_4IL_m7BlRr5zOcngVhO3sMU5Gnui52Gg6t2_AQbZr0GNdul7WHuyE2_K52bmzaF1a9BsPEf0U2Ff2touLkkrA8x_WEsBZqJr_w2kGuaVyOwofbowzsKMPqkOYOUPo1dIs2AU0p5OPx3JZjom6UxTZlM1_sQrzEiU1phUtz6s8qE59QtrecZk_Keq9nougYFgON4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xgkY2wtJNXXK1WyWe-SzTrqvKdQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1579170
cf-polished
origFmt=png, origSize=15890
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6208
cf-bgj
imgq:85,h2pri
last-modified
Thu, 16 Jul 2020 06:05:30 GMT
server
cloudflare
etag
"be722651a81e6407bdfd83394a59e232"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdhGCnnEHckPAgfzhUOM25uWDqiMNNe%2BOFJpYHSCoGMxJbQnCaTe3cqb6%2BzWDbsReEzimIynm2ITYF4D43%2FGchH3rX5WHRCm%2BNHsGFdCqY1FmHtDuFS9NsL%2F2qH%2BLU0yL13BbkIhrKBKZKsx"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999c578289213-FRA
expires
Fri, 17 Mar 2023 02:35:03 GMT
1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
assets.ad4m.at/product_image/ Frame 1213 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=63352%2C64769%2C117569&b=PGBuBfbfKY6mt9HjHbtMtY9qCJS9TDDAU6R3D%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=bk8aQfZfKqZRtYHbHzt8CqGxubSJTMMZHKqQP%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=fbdd7d044dd5f0856f103cfefc557fa0%2F969736781405137192&i=28908%2C27835%2C29981&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103836&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcw6wt12gjdeks4b4gnrapx75hyk3v2d86vdy5tvbgdpvh60v2asea1x2nb82337jt5vn768hhhj22eat1mg2768g4b470284a4hqq0hc0x1vdazce949zwwbczsw9r2hkaa1k6xwyfra77ht8w6vv9vt6fyngwjnrpts6pkp3b4g3c3y8h78sym3wvcm4gkn5g0r1rkkzn64xpxyj2rbcga6kycz9d05w58zk7pmcyfdzd9n7p8am028rbaky6mypzw90gapcqe3zvaa71mdyx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8NDHVoASZPHNA6zHx_APrJee-AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEgAJP0K-bFVbdti8XsUr0ZV5Yr66sXCp57Dtpc6TqSzxMVHTg1VLEHk0ETeXxmK4mnTOycMA1pLE3fnnPd-TroSxasfGhGrDgs8RXwt3xpd_vjD6qH4QhYyMKB6me7mxmpFLn9ToUmv2zwU70xn6Zx_4IL_m7BlRr5zOcngVhO3sMU5Gnui52Gg6t2_AQbZr0GNdul7WHuyE2_K52bmzaF1a9BsPEf0U2Ff2touLkkrA8x_WEsBZqJr_w2kGuaVyOwofbowzsKMPqkOYOUPo1dIs2AU0p5OPx3JZjom6UxTZlM1_sQrzEiU1phUtz6s8qE59QtrecZk_Keq9nougYFgON4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xgkY2wtJNXXK1WyWe-SzTrqvKdQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
028565858aca93c3b487996eb5af450fa2671990023c0a38f485a16513d26013

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
980102
cf-polished
qual=85, origFmt=jpeg, origSize=25987
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8886
cf-bgj
imgq:85,h2pri
last-modified
Thu, 17 Dec 2020 12:29:34 GMT
server
cloudflare
etag
"d40ef49dd0a29ca0e7601d1b405d4d78"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRf3VWJYcMC%2BKrzdrMFIXGUPM%2B0ujHUG0TT7kVCb4di28C1b8jP74HwIpdybyx2Hx0OaipstYeTUfWnydjPOXH0hin%2Fz4ZF23WD1l0qTaR85sPg4zmUevtW6kkYVq0H%2F33hWErPYNUfTHkA6"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999c578299213-FRA
expires
Fri, 17 Mar 2023 02:35:03 GMT
cshow.php
www.awin1.com/ Frame 1213 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2629118&v=19228&q=388274&r=412871&pv=1&pref3=oneidjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=63352%2C64769%2C117569&b=PGBuBfbfKY6mt9HjHbtMtY9qCJS9TDDAU6R3D%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=bk8aQfZfKqZRtYHbHzt8CqGxubSJTMMZHKqQP%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=fbdd7d044dd5f0856f103cfefc557fa0%2F969736781405137192&i=28908%2C27835%2C29981&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103836&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcw6wt12gjdeks4b4gnrapx75hyk3v2d86vdy5tvbgdpvh60v2asea1x2nb82337jt5vn768hhhj22eat1mg2768g4b470284a4hqq0hc0x1vdazce949zwwbczsw9r2hkaa1k6xwyfra77ht8w6vv9vt6fyngwjnrpts6pkp3b4g3c3y8h78sym3wvcm4gkn5g0r1rkkzn64xpxyj2rbcga6kycz9d05w58zk7pmcyfdzd9n7p8am028rbaky6mypzw90gapcqe3zvaa71mdyx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8NDHVoASZPHNA6zHx_APrJee-AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEgAJP0K-bFVbdti8XsUr0ZV5Yr66sXCp57Dtpc6TqSzxMVHTg1VLEHk0ETeXxmK4mnTOycMA1pLE3fnnPd-TroSxasfGhGrDgs8RXwt3xpd_vjD6qH4QhYyMKB6me7mxmpFLn9ToUmv2zwU70xn6Zx_4IL_m7BlRr5zOcngVhO3sMU5Gnui52Gg6t2_AQbZr0GNdul7WHuyE2_K52bmzaF1a9BsPEf0U2Ff2touLkkrA8x_WEsBZqJr_w2kGuaVyOwofbowzsKMPqkOYOUPo1dIs2AU0p5OPx3JZjom6UxTZlM1_sQrzEiU1phUtz6s8qE59QtrecZk_Keq9nougYFgON4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xgkY2wtJNXXK1WyWe-SzTrqvKdQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.44.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-44-80.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:03 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 1213 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=63352%2C64769%2C117569&b=PGBuBfbfKY6mt9HjHbtMtY9qCJS9TDDAU6R3D%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=bk8aQfZfKqZRtYHbHzt8CqGxubSJTMMZHKqQP%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=fbdd7d044dd5f0856f103cfefc557fa0%2F969736781405137192&i=28908%2C27835%2C29981&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103836&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcw6wt12gjdeks4b4gnrapx75hyk3v2d86vdy5tvbgdpvh60v2asea1x2nb82337jt5vn768hhhj22eat1mg2768g4b470284a4hqq0hc0x1vdazce949zwwbczsw9r2hkaa1k6xwyfra77ht8w6vv9vt6fyngwjnrpts6pkp3b4g3c3y8h78sym3wvcm4gkn5g0r1rkkzn64xpxyj2rbcga6kycz9d05w58zk7pmcyfdzd9n7p8am028rbaky6mypzw90gapcqe3zvaa71mdyx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8NDHVoASZPHNA6zHx_APrJee-AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEgAJP0K-bFVbdti8XsUr0ZV5Yr66sXCp57Dtpc6TqSzxMVHTg1VLEHk0ETeXxmK4mnTOycMA1pLE3fnnPd-TroSxasfGhGrDgs8RXwt3xpd_vjD6qH4QhYyMKB6me7mxmpFLn9ToUmv2zwU70xn6Zx_4IL_m7BlRr5zOcngVhO3sMU5Gnui52Gg6t2_AQbZr0GNdul7WHuyE2_K52bmzaF1a9BsPEf0U2Ff2touLkkrA8x_WEsBZqJr_w2kGuaVyOwofbowzsKMPqkOYOUPo1dIs2AU0p5OPx3JZjom6UxTZlM1_sQrzEiU1phUtz6s8qE59QtrecZk_Keq9nougYFgON4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xgkY2wtJNXXK1WyWe-SzTrqvKdQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2275235
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1nkX6xJmGnxAHcXFsb%2BB%2BWKyAFrTWhz6m60gb%2BuR3GI2Tj%2BTfksX6py%2F1wW%2Fg3Q2pSRY69F0AI2fkS6GfM%2BFT1Wa4XAv%2F9QOiSFA14eO5jLI8htSCJPI3hkGCFWy0YMiwnsnInfSp1viko%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999c5782a9213-FRA
expires
Fri, 17 Mar 2023 02:35:03 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 1213 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=63352%2C64769%2C117569&b=PGBuBfbfKY6mt9HjHbtMtY9qCJS9TDDAU6R3D%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=bk8aQfZfKqZRtYHbHzt8CqGxubSJTMMZHKqQP%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=fbdd7d044dd5f0856f103cfefc557fa0%2F969736781405137192&i=28908%2C27835%2C29981&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103836&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcw6wt12gjdeks4b4gnrapx75hyk3v2d86vdy5tvbgdpvh60v2asea1x2nb82337jt5vn768hhhj22eat1mg2768g4b470284a4hqq0hc0x1vdazce949zwwbczsw9r2hkaa1k6xwyfra77ht8w6vv9vt6fyngwjnrpts6pkp3b4g3c3y8h78sym3wvcm4gkn5g0r1rkkzn64xpxyj2rbcga6kycz9d05w58zk7pmcyfdzd9n7p8am028rbaky6mypzw90gapcqe3zvaa71mdyx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8NDHVoASZPHNA6zHx_APrJee-AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEgAJP0K-bFVbdti8XsUr0ZV5Yr66sXCp57Dtpc6TqSzxMVHTg1VLEHk0ETeXxmK4mnTOycMA1pLE3fnnPd-TroSxasfGhGrDgs8RXwt3xpd_vjD6qH4QhYyMKB6me7mxmpFLn9ToUmv2zwU70xn6Zx_4IL_m7BlRr5zOcngVhO3sMU5Gnui52Gg6t2_AQbZr0GNdul7WHuyE2_K52bmzaF1a9BsPEf0U2Ff2touLkkrA8x_WEsBZqJr_w2kGuaVyOwofbowzsKMPqkOYOUPo1dIs2AU0p5OPx3JZjom6UxTZlM1_sQrzEiU1phUtz6s8qE59QtrecZk_Keq9nougYFgON4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xgkY2wtJNXXK1WyWe-SzTrqvKdQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1578735
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mQ4wMwWjtj05fuzERtagoDbAVr5HTfTXvSODNw96YrpsjvzE21P%2Ff%2B%2Bp%2Bowbi4NhSvTdPrdVACv7J%2B%2Fu27zr3KARPCWALX%2FwPuZ8HmkJCZzGsQSwMgrGmGISB8A7jXsN5guXoS5NbnBq2gI"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999c5782b9213-FRA
expires
Fri, 17 Mar 2023 02:35:03 GMT
cshow.php
www.awin1.com/ Frame 1213 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=63352%2C64769%2C117569&b=PGBuBfbfKY6mt9HjHbtMtY9qCJS9TDDAU6R3D%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=bk8aQfZfKqZRtYHbHzt8CqGxubSJTMMZHKqQP%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=fbdd7d044dd5f0856f103cfefc557fa0%2F969736781405137192&i=28908%2C27835%2C29981&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103836&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcw6wt12gjdeks4b4gnrapx75hyk3v2d86vdy5tvbgdpvh60v2asea1x2nb82337jt5vn768hhhj22eat1mg2768g4b470284a4hqq0hc0x1vdazce949zwwbczsw9r2hkaa1k6xwyfra77ht8w6vv9vt6fyngwjnrpts6pkp3b4g3c3y8h78sym3wvcm4gkn5g0r1rkkzn64xpxyj2rbcga6kycz9d05w58zk7pmcyfdzd9n7p8am028rbaky6mypzw90gapcqe3zvaa71mdyx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8NDHVoASZPHNA6zHx_APrJee-AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEgAJP0K-bFVbdti8XsUr0ZV5Yr66sXCp57Dtpc6TqSzxMVHTg1VLEHk0ETeXxmK4mnTOycMA1pLE3fnnPd-TroSxasfGhGrDgs8RXwt3xpd_vjD6qH4QhYyMKB6me7mxmpFLn9ToUmv2zwU70xn6Zx_4IL_m7BlRr5zOcngVhO3sMU5Gnui52Gg6t2_AQbZr0GNdul7WHuyE2_K52bmzaF1a9BsPEf0U2Ff2touLkkrA8x_WEsBZqJr_w2kGuaVyOwofbowzsKMPqkOYOUPo1dIs2AU0p5OPx3JZjom6UxTZlM1_sQrzEiU1phUtz6s8qE59QtrecZk_Keq9nougYFgON4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xgkY2wtJNXXK1WyWe-SzTrqvKdQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.44.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-44-80.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:03 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 285F 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C188429%2C197862&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=64369f81fb561724c4f54962039ede43%2F2990747796723692709&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfqz9v6skd2jye7dyyy3cd7q1kmnh209sppdnst3gm7bnwpnky0jh6y3qh3nhhpfmqtvwy21zke5wekbxa5v0hbw979w9r1epa3w2trnj8swj3h2evk2xzxvy1bhfn2xytkzcyrz3hj1ejsmw6s680xxx4sqpmk0tp7ymjc3256kwjcew18ddfhvq87bm6wf25bnk2m6bxp7p5qjs1t7c6t9v5csqr8graetcnq954wvkcsxk3z4qzv04aqff2y75txzqnzfvr87hx26eyqwt37%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2rg2VoASZOnUK8Lj7gPklKugB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMBqgSAAk_QXHnjBdlqGlDUc9kBs-Y4gHWeWKh7fFdn5sqqbJ3bcFYlNXUNokN4EEeM3fwfErcBVzFXq7ujR7O7vOyvP7OGGg0-nLRi6_1UTL6wCJuYYUikIPL5a3dUhPTrACFTWWW78m4VXYyOoXJ7Z9dYzfrXkxwDzYIfInFVaJKwY3sRS2GWoWVk3hrq9azKf6V8Lj66Fty8LvoReiAneCS3r5GEWT3yP5kOS_-tqySh3X3wMHiMXJn2CoDzfvM8jBFex20M0qtbGBW7AKDevBAD9KWm15-G_2BEl-nyBHEMs_wuBmjjmmRS9uhSZRBUftMT5fvqv_Wmd4IsdivU8AeMVAbgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pSuQS7WbIJCBaoJJQ9HIiAJecw%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=19458%2C188429%2C197862&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=64369f81fb561724c4f54962039ede43%2F2990747796723692709&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfqz9v6skd2jye7dyyy3cd7q1kmnh209sppdnst3gm7bnwpnky0jh6y3qh3nhhpfmqtvwy21zke5wekbxa5v0hbw979w9r1epa3w2trnj8swj3h2evk2xzxvy1bhfn2xytkzcyrz3hj1ejsmw6s680xxx4sqpmk0tp7ymjc3256kwjcew18ddfhvq87bm6wf25bnk2m6bxp7p5qjs1t7c6t9v5csqr8graetcnq954wvkcsxk3z4qzv04aqff2y75txzqnzfvr87hx26eyqwt37%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2rg2VoASZOnUK8Lj7gPklKugB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMBqgSAAk_QXHnjBdlqGlDUc9kBs-Y4gHWeWKh7fFdn5sqqbJ3bcFYlNXUNokN4EEeM3fwfErcBVzFXq7ujR7O7vOyvP7OGGg0-nLRi6_1UTL6wCJuYYUikIPL5a3dUhPTrACFTWWW78m4VXYyOoXJ7Z9dYzfrXkxwDzYIfInFVaJKwY3sRS2GWoWVk3hrq9azKf6V8Lj66Fty8LvoReiAneCS3r5GEWT3yP5kOS_-tqySh3X3wMHiMXJn2CoDzfvM8jBFex20M0qtbGBW7AKDevBAD9KWm15-G_2BEl-nyBHEMs_wuBmjjmmRS9uhSZRBUftMT5fvqv_Wmd4IsdivU8AeMVAbgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pSuQS7WbIJCBaoJJQ9HIiAJecw%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1677666448
age
57691
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 01 Mar 2023 10:28:06 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1677666486645030
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlTCzxd8847zQ98EU2yBG0LhGM23hmwNCfvLqVWwl25S757s5B%2F9JjwB4qX3M%2Fx2uJbQGqDcgypBXXfMSIGEy7AchlDwa8fMhmS1BPPRi0eIJC0YR0r8kSZIBV8mUYM35G%2FL49BtllE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7a8999c578229213-FRA
expires
Thu, 16 Mar 2023 03:35:03 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 285F 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C188429%2C197862&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=64369f81fb561724c4f54962039ede43%2F2990747796723692709&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfqz9v6skd2jye7dyyy3cd7q1kmnh209sppdnst3gm7bnwpnky0jh6y3qh3nhhpfmqtvwy21zke5wekbxa5v0hbw979w9r1epa3w2trnj8swj3h2evk2xzxvy1bhfn2xytkzcyrz3hj1ejsmw6s680xxx4sqpmk0tp7ymjc3256kwjcew18ddfhvq87bm6wf25bnk2m6bxp7p5qjs1t7c6t9v5csqr8graetcnq954wvkcsxk3z4qzv04aqff2y75txzqnzfvr87hx26eyqwt37%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2rg2VoASZOnUK8Lj7gPklKugB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMBqgSAAk_QXHnjBdlqGlDUc9kBs-Y4gHWeWKh7fFdn5sqqbJ3bcFYlNXUNokN4EEeM3fwfErcBVzFXq7ujR7O7vOyvP7OGGg0-nLRi6_1UTL6wCJuYYUikIPL5a3dUhPTrACFTWWW78m4VXYyOoXJ7Z9dYzfrXkxwDzYIfInFVaJKwY3sRS2GWoWVk3hrq9azKf6V8Lj66Fty8LvoReiAneCS3r5GEWT3yP5kOS_-tqySh3X3wMHiMXJn2CoDzfvM8jBFex20M0qtbGBW7AKDevBAD9KWm15-G_2BEl-nyBHEMs_wuBmjjmmRS9uhSZRBUftMT5fvqv_Wmd4IsdivU8AeMVAbgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pSuQS7WbIJCBaoJJQ9HIiAJecw%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1579089
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKZV0FvPnzI4HyvHcD8D0cZE6Pj3yjKqBwfifyFUfwZm1Fi1fFdk9oeL6E4K1Ea6JyV3qC2Y04CETLT8vqRh86RV9yWDu0oPgX8%2FsYItaA1Crt9bGvql11Vw1p2jBTC0iBL36i5Rf1PHtKIS"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999c578239213-FRA
expires
Fri, 17 Mar 2023 02:35:03 GMT
1D53E9CF3821E81F5644C8C6FD10FC3C1E53F2F21748B14D50333BD8E08058E50BE70BEE9D071C4FD38992D3B57467DAA70308BF0B8E9E5A740263D0F5C9EE6D
assets.ad4m.at/product_image/ Frame 285F 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1D53E9CF3821E81F5644C8C6FD10FC3C1E53F2F21748B14D50333BD8E08058E50BE70BEE9D071C4FD38992D3B57467DAA70308BF0B8E9E5A740263D0F5C9EE6D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C188429%2C197862&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=64369f81fb561724c4f54962039ede43%2F2990747796723692709&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfqz9v6skd2jye7dyyy3cd7q1kmnh209sppdnst3gm7bnwpnky0jh6y3qh3nhhpfmqtvwy21zke5wekbxa5v0hbw979w9r1epa3w2trnj8swj3h2evk2xzxvy1bhfn2xytkzcyrz3hj1ejsmw6s680xxx4sqpmk0tp7ymjc3256kwjcew18ddfhvq87bm6wf25bnk2m6bxp7p5qjs1t7c6t9v5csqr8graetcnq954wvkcsxk3z4qzv04aqff2y75txzqnzfvr87hx26eyqwt37%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2rg2VoASZOnUK8Lj7gPklKugB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMBqgSAAk_QXHnjBdlqGlDUc9kBs-Y4gHWeWKh7fFdn5sqqbJ3bcFYlNXUNokN4EEeM3fwfErcBVzFXq7ujR7O7vOyvP7OGGg0-nLRi6_1UTL6wCJuYYUikIPL5a3dUhPTrACFTWWW78m4VXYyOoXJ7Z9dYzfrXkxwDzYIfInFVaJKwY3sRS2GWoWVk3hrq9azKf6V8Lj66Fty8LvoReiAneCS3r5GEWT3yP5kOS_-tqySh3X3wMHiMXJn2CoDzfvM8jBFex20M0qtbGBW7AKDevBAD9KWm15-G_2BEl-nyBHEMs_wuBmjjmmRS9uhSZRBUftMT5fvqv_Wmd4IsdivU8AeMVAbgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pSuQS7WbIJCBaoJJQ9HIiAJecw%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea39dba2b498dfe4e18255e241acf246f9229c8deb54e5b2530cadb51a25bd58

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
374042
cf-polished
qual=85, origFmt=jpeg, origSize=60655
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21982
cf-bgj
imgq:85,h2pri
last-modified
Fri, 11 Dec 2020 13:58:13 GMT
server
cloudflare
etag
"39d52f1648dac315ebcc9c4fa4ed5728"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBkIZAzFn5wbAwy0BtXlbzUzhS%2FW5zrpHXuglCLNx4nfv83biymq9BN879j3SK9cJhjBOwlsJfBvvuVNrXdt9mMXVipWgnUPZ1mzzq%2FI4Fu2Qz2AT%2FrfX9vp6Oh1la8%2FmCfpDnYarmKcuqVt"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999c588309213-FRA
expires
Fri, 17 Mar 2023 02:35:03 GMT
/
partner.o2online.de/a/ Frame 285F
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJic9_a03_0CFQR44AodYDUGpA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=112793V1226132702M&subid=viewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=112793V1226132702M&subid=viewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=112793&s_id=2023031603350482889743889X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=112793&s_id=2023031603350482889743889X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023031603350482889743889X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=112793&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C188429%2C197862&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=64369f81fb561724c4f54962039ede43%2F2990747796723692709&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfqz9v6skd2jye7dyyy3cd7q1kmnh209sppdnst3gm7bnwpnky0jh6y3qh3nhhpfmqtvwy21zke5wekbxa5v0hbw979w9r1epa3w2trnj8swj3h2evk2xzxvy1bhfn2xytkzcyrz3hj1ejsmw6s680xxx4sqpmk0tp7ymjc3256kwjcew18ddfhvq87bm6wf25bnk2m6bxp7p5qjs1t7c6t9v5csqr8graetcnq954wvkcsxk3z4qzv04aqff2y75txzqnzfvr87hx26eyqwt37%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2rg2VoASZOnUK8Lj7gPklKugB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMBqgSAAk_QXHnjBdlqGlDUc9kBs-Y4gHWeWKh7fFdn5sqqbJ3bcFYlNXUNokN4EEeM3fwfErcBVzFXq7ujR7O7vOyvP7OGGg0-nLRi6_1UTL6wCJuYYUikIPL5a3dUhPTrACFTWWW78m4VXYyOoXJ7Z9dYzfrXkxwDzYIfInFVaJKwY3sRS2GWoWVk3hrq9azKf6V8Lj66Fty8LvoReiAneCS3r5GEWT3yP5kOS_-tqySh3X3wMHiMXJn2CoDzfvM8jBFex20M0qtbGBW7AKDevBAD9KWm15-G_2BEl-nyBHEMs_wuBmjjmmRS9uhSZRBUftMT5fvqv_Wmd4IsdivU8AeMVAbgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pSuQS7WbIJCBaoJJQ9HIiAJecw%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 16 Mar 2023 02:35:04 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=112793&s_id=2023031603350482889743889X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023031603350482889743889X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=112793&partnerid=12218
date
Thu, 16 Mar 2023 02:35:04 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 285F 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C188429%2C197862&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=64369f81fb561724c4f54962039ede43%2F2990747796723692709&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfqz9v6skd2jye7dyyy3cd7q1kmnh209sppdnst3gm7bnwpnky0jh6y3qh3nhhpfmqtvwy21zke5wekbxa5v0hbw979w9r1epa3w2trnj8swj3h2evk2xzxvy1bhfn2xytkzcyrz3hj1ejsmw6s680xxx4sqpmk0tp7ymjc3256kwjcew18ddfhvq87bm6wf25bnk2m6bxp7p5qjs1t7c6t9v5csqr8graetcnq954wvkcsxk3z4qzv04aqff2y75txzqnzfvr87hx26eyqwt37%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2rg2VoASZOnUK8Lj7gPklKugB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMBqgSAAk_QXHnjBdlqGlDUc9kBs-Y4gHWeWKh7fFdn5sqqbJ3bcFYlNXUNokN4EEeM3fwfErcBVzFXq7ujR7O7vOyvP7OGGg0-nLRi6_1UTL6wCJuYYUikIPL5a3dUhPTrACFTWWW78m4VXYyOoXJ7Z9dYzfrXkxwDzYIfInFVaJKwY3sRS2GWoWVk3hrq9azKf6V8Lj66Fty8LvoReiAneCS3r5GEWT3yP5kOS_-tqySh3X3wMHiMXJn2CoDzfvM8jBFex20M0qtbGBW7AKDevBAD9KWm15-G_2BEl-nyBHEMs_wuBmjjmmRS9uhSZRBUftMT5fvqv_Wmd4IsdivU8AeMVAbgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pSuQS7WbIJCBaoJJQ9HIiAJecw%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2099214
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OT3csQMkq%2B0Vm0pnT3MtelTALg9J1LKq1hcNWCkdWoAaxTgy9QsXmwK91Mf01NFvlxLCy0YTahD9ogp%2Fu8LzIhyO6WwSUSQmyFK5RLTBpTjQ7olHEz%2FjuEDSkgEP9vW0YlkisgYQ3W%2B3hpxK"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999c588319213-FRA
expires
Fri, 17 Mar 2023 02:35:03 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 285F 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C188429%2C197862&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=64369f81fb561724c4f54962039ede43%2F2990747796723692709&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfqz9v6skd2jye7dyyy3cd7q1kmnh209sppdnst3gm7bnwpnky0jh6y3qh3nhhpfmqtvwy21zke5wekbxa5v0hbw979w9r1epa3w2trnj8swj3h2evk2xzxvy1bhfn2xytkzcyrz3hj1ejsmw6s680xxx4sqpmk0tp7ymjc3256kwjcew18ddfhvq87bm6wf25bnk2m6bxp7p5qjs1t7c6t9v5csqr8graetcnq954wvkcsxk3z4qzv04aqff2y75txzqnzfvr87hx26eyqwt37%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2rg2VoASZOnUK8Lj7gPklKugB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMBqgSAAk_QXHnjBdlqGlDUc9kBs-Y4gHWeWKh7fFdn5sqqbJ3bcFYlNXUNokN4EEeM3fwfErcBVzFXq7ujR7O7vOyvP7OGGg0-nLRi6_1UTL6wCJuYYUikIPL5a3dUhPTrACFTWWW78m4VXYyOoXJ7Z9dYzfrXkxwDzYIfInFVaJKwY3sRS2GWoWVk3hrq9azKf6V8Lj66Fty8LvoReiAneCS3r5GEWT3yP5kOS_-tqySh3X3wMHiMXJn2CoDzfvM8jBFex20M0qtbGBW7AKDevBAD9KWm15-G_2BEl-nyBHEMs_wuBmjjmmRS9uhSZRBUftMT5fvqv_Wmd4IsdivU8AeMVAbgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pSuQS7WbIJCBaoJJQ9HIiAJecw%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
540586
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w70O9R7qicXXGjfq3YStp2Vi87ss3mQm9%2BIy%2Bg4429fnInfnd2KatS%2FaHw4bTzJ1h0w4Qh8XG6um6i%2BnHmEOXYNcTevYT2BwKuvciT%2B7NyjY6Y47KEd6c4b%2Bw9iyvNOpLk%2F3%2BkspIj7dCw6g"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999c588329213-FRA
expires
Fri, 17 Mar 2023 02:35:03 GMT
ztpv.php
www.conrad.de/ Frame 285F
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470172&v=11354&q=377133&r=412871&pv=1&pref3=oneidmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1678934103_28301a00-c3a3-11ed-b00f-2238801674a3&insert=AW&&gdpr=0&gdpr_consent=
0
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1678934103_28301a00-c3a3-11ed-b00f-2238801674a3&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C188429%2C197862&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=64369f81fb561724c4f54962039ede43%2F2990747796723692709&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfqz9v6skd2jye7dyyy3cd7q1kmnh209sppdnst3gm7bnwpnky0jh6y3qh3nhhpfmqtvwy21zke5wekbxa5v0hbw979w9r1epa3w2trnj8swj3h2evk2xzxvy1bhfn2xytkzcyrz3hj1ejsmw6s680xxx4sqpmk0tp7ymjc3256kwjcew18ddfhvq87bm6wf25bnk2m6bxp7p5qjs1t7c6t9v5csqr8graetcnq954wvkcsxk3z4qzv04aqff2y75txzqnzfvr87hx26eyqwt37%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2rg2VoASZOnUK8Lj7gPklKugB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMBqgSAAk_QXHnjBdlqGlDUc9kBs-Y4gHWeWKh7fFdn5sqqbJ3bcFYlNXUNokN4EEeM3fwfErcBVzFXq7ujR7O7vOyvP7OGGg0-nLRi6_1UTL6wCJuYYUikIPL5a3dUhPTrACFTWWW78m4VXYyOoXJ7Z9dYzfrXkxwDzYIfInFVaJKwY3sRS2GWoWVk3hrq9azKf6V8Lj66Fty8LvoReiAneCS3r5GEWT3yP5kOS_-tqySh3X3wMHiMXJn2CoDzfvM8jBFex20M0qtbGBW7AKDevBAD9KWm15-G_2BEl-nyBHEMs_wuBmjjmmRS9uhSZRBUftMT5fvqv_Wmd4IsdivU8AeMVAbgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pSuQS7WbIJCBaoJJQ9HIiAJecw%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:04 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
cache-control
no-cache
cf-ray
7a8999c6b86abbef-FRA
content-length
0
expires
-1

Redirect headers

Date
Thu, 16 Mar 2023 02:35:03 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1678934103_28301a00-c3a3-11ed-b00f-2238801674a3&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
assets.ad4m.at/logo/ Frame 285F 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C188429%2C197862&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=64369f81fb561724c4f54962039ede43%2F2990747796723692709&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfqz9v6skd2jye7dyyy3cd7q1kmnh209sppdnst3gm7bnwpnky0jh6y3qh3nhhpfmqtvwy21zke5wekbxa5v0hbw979w9r1epa3w2trnj8swj3h2evk2xzxvy1bhfn2xytkzcyrz3hj1ejsmw6s680xxx4sqpmk0tp7ymjc3256kwjcew18ddfhvq87bm6wf25bnk2m6bxp7p5qjs1t7c6t9v5csqr8graetcnq954wvkcsxk3z4qzv04aqff2y75txzqnzfvr87hx26eyqwt37%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2rg2VoASZOnUK8Lj7gPklKugB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMBqgSAAk_QXHnjBdlqGlDUc9kBs-Y4gHWeWKh7fFdn5sqqbJ3bcFYlNXUNokN4EEeM3fwfErcBVzFXq7ujR7O7vOyvP7OGGg0-nLRi6_1UTL6wCJuYYUikIPL5a3dUhPTrACFTWWW78m4VXYyOoXJ7Z9dYzfrXkxwDzYIfInFVaJKwY3sRS2GWoWVk3hrq9azKf6V8Lj66Fty8LvoReiAneCS3r5GEWT3yP5kOS_-tqySh3X3wMHiMXJn2CoDzfvM8jBFex20M0qtbGBW7AKDevBAD9KWm15-G_2BEl-nyBHEMs_wuBmjjmmRS9uhSZRBUftMT5fvqv_Wmd4IsdivU8AeMVAbgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pSuQS7WbIJCBaoJJQ9HIiAJecw%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d605bd2ec6ee95ecf8d2966ef89588ff8894e4d9c88ae95c82a59d71ab753d40

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
785390
cf-polished
origSize=53992, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48382
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Jun 2022 14:47:26 GMT
server
cloudflare
etag
"e460905652d65e6a54a57da046f52d6c"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYgzGJxiiokWlufYIZIGmGqCpeDcLjG3m5jgIXzM9dQKflL7PoB6ZyAp69OPeghpW3f%2FrNaXMEZDHZkIMbq2S%2BbMJlOAp45rjWI%2Fq%2Fz8W%2FI2T7gaekzu6IbRfahHNSgXbYjgs9uFV%2B7AD%2B81"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999c588349213-FRA
expires
Fri, 17 Mar 2023 02:35:03 GMT
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 285F 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C188429%2C197862&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=64369f81fb561724c4f54962039ede43%2F2990747796723692709&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfqz9v6skd2jye7dyyy3cd7q1kmnh209sppdnst3gm7bnwpnky0jh6y3qh3nhhpfmqtvwy21zke5wekbxa5v0hbw979w9r1epa3w2trnj8swj3h2evk2xzxvy1bhfn2xytkzcyrz3hj1ejsmw6s680xxx4sqpmk0tp7ymjc3256kwjcew18ddfhvq87bm6wf25bnk2m6bxp7p5qjs1t7c6t9v5csqr8graetcnq954wvkcsxk3z4qzv04aqff2y75txzqnzfvr87hx26eyqwt37%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2rg2VoASZOnUK8Lj7gPklKugB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMBqgSAAk_QXHnjBdlqGlDUc9kBs-Y4gHWeWKh7fFdn5sqqbJ3bcFYlNXUNokN4EEeM3fwfErcBVzFXq7ujR7O7vOyvP7OGGg0-nLRi6_1UTL6wCJuYYUikIPL5a3dUhPTrACFTWWW78m4VXYyOoXJ7Z9dYzfrXkxwDzYIfInFVaJKwY3sRS2GWoWVk3hrq9azKf6V8Lj66Fty8LvoReiAneCS3r5GEWT3yP5kOS_-tqySh3X3wMHiMXJn2CoDzfvM8jBFex20M0qtbGBW7AKDevBAD9KWm15-G_2BEl-nyBHEMs_wuBmjjmmRS9uhSZRBUftMT5fvqv_Wmd4IsdivU8AeMVAbgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pSuQS7WbIJCBaoJJQ9HIiAJecw%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2411696
cf-polished
origFmt=png, origSize=105738
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55786
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RpC9KIBv8Erc98SiH%2FH6IiRNGVl%2Bnf2ADPvj7W1Agt%2FZ68%2FCOm%2Fs6zG8cYA6k6yyB6srXG3ff7iSw%2BUO5SKpD6FcdCabA0JxHfAcCEWtmJojaawb%2FTxLLxL1plh55amh1%2B5s3%2BePwBzHZYua"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7a8999c588359213-FRA
expires
Fri, 17 Mar 2023 02:35:03 GMT
link.html
track.webgains.com/ Frame 285F 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hf7bc114e5245zsh16ks8kea2zk0hw022snzk3tm611avey2bc281yq86av6rx35yq87pkpyg7rem7n015gzt5wz9n7h7n1gn4d951v54scfkze4xmrmr0j3xpe734zrnys2qcg7p05q3mca69rha3n0hqxna9yaay2tngjr9xk4gsp9d5r6hz8xjbfc5cp6tw07kyvxhjqcq2bmz225f0h4jhtyyefpht7sf2bxaehkr1ac8rqynpgvmkpvsa1hke0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kfqz9v6skd2jye7dyyy3cd7q1kmnh209sppdnst3gm7bnwpnky0jh6y3qh3nhhpfmqtvwy21zke5wekbxa5v0hbw979w9r1epa3w2trnj8swj3h2evk2xzxvy1bhfn2xytkzcyrz3hj1ejsmw6s680xxx4sqpmk0tp7ymjc3256kwjcew18ddfhvq87bm6wf25bnk2m6bxp7p5qjs1t7c6t9v5csqr8graetcnq954wvkcsxk3z4qzv04aqff2y75txzqnzfvr87hx26eyqwt37%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2rg2VoASZOnUK8Lj7gPklKugB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMBqgSAAk_QXHnjBdlqGlDUc9kBs-Y4gHWeWKh7fFdn5sqqbJ3bcFYlNXUNokN4EEeM3fwfErcBVzFXq7ujR7O7vOyvP7OGGg0-nLRi6_1UTL6wCJuYYUikIPL5a3dUhPTrACFTWWW78m4VXYyOoXJ7Z9dYzfrXkxwDzYIfInFVaJKwY3sRS2GWoWVk3hrq9azKf6V8Lj66Fty8LvoReiAneCS3r5GEWT3yP5kOS_-tqySh3X3wMHiMXJn2CoDzfvM8jBFex20M0qtbGBW7AKDevBAD9KWm15-G_2BEl-nyBHEMs_wuBmjjmmRS9uhSZRBUftMT5fvqv_Wmd4IsdivU8AeMVAbgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_29pSuQS7WbIJCBaoJJQ9HIiAJecw%252526client%25253Dca-pub-4663753467999594%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C188429%2C197862&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=64369f81fb561724c4f54962039ede43%2F2990747796723692709&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfqz9v6skd2jye7dyyy3cd7q1kmnh209sppdnst3gm7bnwpnky0jh6y3qh3nhhpfmqtvwy21zke5wekbxa5v0hbw979w9r1epa3w2trnj8swj3h2evk2xzxvy1bhfn2xytkzcyrz3hj1ejsmw6s680xxx4sqpmk0tp7ymjc3256kwjcew18ddfhvq87bm6wf25bnk2m6bxp7p5qjs1t7c6t9v5csqr8graetcnq954wvkcsxk3z4qzv04aqff2y75txzqnzfvr87hx26eyqwt37%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2rg2VoASZOnUK8Lj7gPklKugB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMBqgSAAk_QXHnjBdlqGlDUc9kBs-Y4gHWeWKh7fFdn5sqqbJ3bcFYlNXUNokN4EEeM3fwfErcBVzFXq7ujR7O7vOyvP7OGGg0-nLRi6_1UTL6wCJuYYUikIPL5a3dUhPTrACFTWWW78m4VXYyOoXJ7Z9dYzfrXkxwDzYIfInFVaJKwY3sRS2GWoWVk3hrq9azKf6V8Lj66Fty8LvoReiAneCS3r5GEWT3yP5kOS_-tqySh3X3wMHiMXJn2CoDzfvM8jBFex20M0qtbGBW7AKDevBAD9KWm15-G_2BEl-nyBHEMs_wuBmjjmmRS9uhSZRBUftMT5fvqv_Wmd4IsdivU8AeMVAbgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pSuQS7WbIJCBaoJJQ9HIiAJecw%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.110.241 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-110-241.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
7f5f3c5d80a15e11faf275503721ba8cc1360f03eb0e8f11bf2153aed3e1def3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:04 GMT
last-modified
Thu, 16 Mar 2023 02:35:03 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 16 Mar 2023 02:36:03 GMT
htlp.html
trck.trendtours.de/trck/htlp/ Frame 5F17 		0
707 B 		Document
General
Check archive.org
Download Go to
Full URL
https://trck.trendtours.de/trck/htlp/htlp.html?utm_medium=affiliate&host=trendtours.de&pvid=641280582dc1a65b330c2175&gdpr=0&gdpr_consent=
Requested by
Host: trck.trendtours.de
URL: https://trck.trendtours.de/trck/epv/963fb8e2eec080164ced0d8b1bcc4e5d?subid=oneidPGBuBfbfKY6mt9HjHbtMtY9qCJS9TDDAU6R3Doneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.212.112 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 16 Mar 2023 02:35:04 GMT
server
nginx
vary
Accept-Encoding
x-https-header
1
tt_trendtours%20allgemein_uppr_Native-Ads_V2_627x627.jpg
ht.uppr.de/campaign_168_Trendtours/20210212_nativeAds/ Frame 1213 		206 KB
206 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ht.uppr.de/campaign_168_Trendtours/20210212_nativeAds/tt_trendtours%20allgemein_uppr_Native-Ads_V2_627x627.jpg
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=63352%2C64769%2C117569&b=PGBuBfbfKY6mt9HjHbtMtY9qCJS9TDDAU6R3D%2Cjk8aEfGfx6VAuYHEH2t6txexsZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=bk8aQfZfKqZRtYHbHzt8CqGxubSJTMMZHKqQP%2CxmDFQfAfAZzjsPHdHztDC3E3s7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=fbdd7d044dd5f0856f103cfefc557fa0%2F969736781405137192&i=28908%2C27835%2C29981&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103836&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcw6wt12gjdeks4b4gnrapx75hyk3v2d86vdy5tvbgdpvh60v2asea1x2nb82337jt5vn768hhhj22eat1mg2768g4b470284a4hqq0hc0x1vdazce949zwwbczsw9r2hkaa1k6xwyfra77ht8w6vv9vt6fyngwjnrpts6pkp3b4g3c3y8h78sym3wvcm4gkn5g0r1rkkzn64xpxyj2rbcga6kycz9d05w58zk7pmcyfdzd9n7p8am028rbaky6mypzw90gapcqe3zvaa71mdyx%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8NDHVoASZPHNA6zHx_APrJee-AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NjYzNzUzNDY3OTk5NTk0yAEJqQIA52cef7-xPuACAKgDAaoEgAJP0K-bFVbdti8XsUr0ZV5Yr66sXCp57Dtpc6TqSzxMVHTg1VLEHk0ETeXxmK4mnTOycMA1pLE3fnnPd-TroSxasfGhGrDgs8RXwt3xpd_vjD6qH4QhYyMKB6me7mxmpFLn9ToUmv2zwU70xn6Zx_4IL_m7BlRr5zOcngVhO3sMU5Gnui52Gg6t2_AQbZr0GNdul7WHuyE2_K52bmzaF1a9BsPEf0U2Ff2touLkkrA8x_WEsBZqJr_w2kGuaVyOwofbowzsKMPqkOYOUPo1dIs2AU0p5OPx3JZjom6UxTZlM1_sQrzEiU1phUtz6s8qE59QtrecZk_Keq9nougYFgON4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2xgkY2wtJNXXK1WyWe-SzTrqvKdQ%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.37.204.178 -, , ASN (),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
870f41518e409f62cb8fb5b51f8daf678dea6b3da96c4e9952327ee5ed2cdeab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:04 GMT
last-modified
Fri, 12 Feb 2021 14:26:14 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"60269006-33610"
content-length
210448
content-type
image/jpeg
pvClk.min.js
analytics.webgains.io/ Frame 285F 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hf7bc114e5245zsh16ks8kea2zk0hw022snzk3tm611avey2bc281yq86av6rx35yq87pkpyg7rem7n015gzt5wz9n7h7n1gn4d951v54scfkze4xmrmr0j3xpe734zrnys2qcg7p05q3mca69rha3n0hqxna9yaay2tngjr9xk4gsp9d5r6hz8xjbfc5cp6tw07kyvxhjqcq2bmz225f0h4jhtyyefpht7sf2bxaehkr1ac8rqynpgvmkpvsa1hke0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kfqz9v6skd2jye7dyyy3cd7q1kmnh209sppdnst3gm7bnwpnky0jh6y3qh3nhhpfmqtvwy21zke5wekbxa5v0hbw979w9r1epa3w2trnj8swj3h2evk2xzxvy1bhfn2xytkzcyrz3hj1ejsmw6s680xxx4sqpmk0tp7ymjc3256kwjcew18ddfhvq87bm6wf25bnk2m6bxp7p5qjs1t7c6t9v5csqr8graetcnq954wvkcsxk3z4qzv04aqff2y75txzqnzfvr87hx26eyqwt37%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2rg2VoASZOnUK8Lj7gPklKugB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMBqgSAAk_QXHnjBdlqGlDUc9kBs-Y4gHWeWKh7fFdn5sqqbJ3bcFYlNXUNokN4EEeM3fwfErcBVzFXq7ujR7O7vOyvP7OGGg0-nLRi6_1UTL6wCJuYYUikIPL5a3dUhPTrACFTWWW78m4VXYyOoXJ7Z9dYzfrXkxwDzYIfInFVaJKwY3sRS2GWoWVk3hrq9azKf6V8Lj66Fty8LvoReiAneCS3r5GEWT3yP5kOS_-tqySh3X3wMHiMXJn2CoDzfvM8jBFex20M0qtbGBW7AKDevBAD9KWm15-G_2BEl-nyBHEMs_wuBmjjmmRS9uhSZRBUftMT5fvqv_Wmd4IsdivU8AeMVAbgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_29pSuQS7WbIJCBaoJJQ9HIiAJecw%252526client%25253Dca-pub-4663753467999594%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:26:36 GMT
content-encoding
gzip
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
last-modified
Wed, 08 Mar 2023 12:12:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
32909
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
Gz5Z2qkrbjbgFd2-R-Doci0egroB4Qq-5RLx1HYP5D5uIvmB8O5j2w==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 285F 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1678934404&Signature=VBslONvMt~sIWe32bIx10LMX3QcVQhNKFCuGSTtaKIYXy0raSdKx0lqASuVxORImZsk2kqb4oUA8KmqmaTcBQ8NhyszPJSI0NxKjEwdSPrqsvP7YnyzEqm8SqZIzeJeh~6EtJgnwqwKsRCsUAN9XtLLv7bqGUuBTKLBWYbuovZJGScmpAg0RIinS8PZ0JZK8g1n75roaPuz7aYhDRs4kai6VxTdKIthkL2DqUoMIT98IIHVrZTaJbFY9v97IdAr100XT8OtilZzNNWv7MNIZq013-d9WVoa7ySij19QF3md9~nTdI16HX0HljoPtk9~7FFJAptVmMvYmM0UpI4sL3g__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C188429%2C197862&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2CmD8hefGfWJ6jsmHZHZtztJGjTKSwTeezuGgw2%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2C791CqfzfjD9JarHXHgtECVdXS4S1TQQ2f2kBW%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=64369f81fb561724c4f54962039ede43%2F2990747796723692709&i=20774%2C21596%2C71725&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678934103843&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfqz9v6skd2jye7dyyy3cd7q1kmnh209sppdnst3gm7bnwpnky0jh6y3qh3nhhpfmqtvwy21zke5wekbxa5v0hbw979w9r1epa3w2trnj8swj3h2evk2xzxvy1bhfn2xytkzcyrz3hj1ejsmw6s680xxx4sqpmk0tp7ymjc3256kwjcew18ddfhvq87bm6wf25bnk2m6bxp7p5qjs1t7c6t9v5csqr8graetcnq954wvkcsxk3z4qzv04aqff2y75txzqnzfvr87hx26eyqwt37%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2rg2VoASZOnUK8Lj7gPklKugB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NjM3NTM0Njc5OTk1OTTIAQmpAmUyKe-Vw7E-4AIAqAMBqgSAAk_QXHnjBdlqGlDUc9kBs-Y4gHWeWKh7fFdn5sqqbJ3bcFYlNXUNokN4EEeM3fwfErcBVzFXq7ujR7O7vOyvP7OGGg0-nLRi6_1UTL6wCJuYYUikIPL5a3dUhPTrACFTWWW78m4VXYyOoXJ7Z9dYzfrXkxwDzYIfInFVaJKwY3sRS2GWoWVk3hrq9azKf6V8Lj66Fty8LvoReiAneCS3r5GEWT3yP5kOS_-tqySh3X3wMHiMXJn2CoDzfvM8jBFex20M0qtbGBW7AKDevBAD9KWm15-G_2BEl-nyBHEMs_wuBmjjmmRS9uhSZRBUftMT5fvqv_Wmd4IsdivU8AeMVAbgBAGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pSuQS7WbIJCBaoJJQ9HIiAJecw%2526client%253Dca-pub-4663753467999594%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-94.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 15 Mar 2023 21:11:44 GMT
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
19401
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15054
x-amz-cf-id
8gsPK33mvhSjT9PbW8YG8rpowZlHVFBHu_u2nyatxhwoKmLl-R4jnA==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fistoe.com.br%2F&pid=1AhrxPUGrEWYS&cb=0&ws=1600x1200&v=23.313.1233&t=2000&slots=%5B%7B%22sd%22%3A%22denakop-auto-under-78903931-df8b-4e65-92cb-76d810d6490e%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F21715141650%2C22452847%2Fistoe.com.br%2Fdesktop_under%22%7D%5D&schain=1.0%2C1!denakop.com%2C0%2C1%2C%2C%2C!google.com%2Cpub-8170966538152543%2C1%2C%2C%2C!adtech.com%2C11627%2C1%2C%2C%2C!contextweb.com%2C560821%2C1%2C%2C%2C!appnexus.com%2C2081%2C1%2C%2C%2C!appnexus.com%2C10528%2C1%2C%2C%2C!indexexchange.com%2C175407%2C1%2C%2C%2C!openx.com%2C537143344%2C1%2C%2C%2C!pubmatic.com%2C156078%2C1%2C%2C%2C!contextweb.com%2C558299%2C1%2C%2C%2C!aol.com%2C57545%2C1%2C%2C%2C!yahoo.com%2C57545%2C1%2C%2C%2C!rubiconproject.com%2C23648%2C1%2C%2C%2C!rubiconproject.com%2C23650%2C1%2C%2C%2C!smartahperver.com%2C4014%2C1%2C%2C%2C!contextweb.com%2C560288%2C1%2C%2C%2C!pubmatic.com%2C156439%2C1%2C%2C%2C!pubmatic.com%2C154037%2C1%2C%2C%2C!pubmatic.com%2C156030%2C1%2C%2C%2C!rubiconproject.com%2C16114%2C1%2C%2C%2C!rubiconproject.com%2C13132%2C1%2C%2C%2C!openx.com%2C537149888%2C1%2C%2C%2C!sovrn.com%2C257611%2C1%2C%2C%2C!appnexus.com%2C3703%2C1%2C%2C%2C!groundtruth.com%2C107%2C1%2C%2C%2C!districtm.io%2C101760%2C1%2C%2C%2C!appnexus.com%2C9763%2C1%2C%2C%2C!onetag.com%2C7586ca4ec84e073%2C1%2C%2C%2C!advertising.com%2C28246%2C1%2C%2C%2C!rubiconproject.com%2C11006%2C1%2C%2C%2C!google.com%2Cpub-3769010358500643%2C1%2C%2C%2C!freewheel.tv%2C20393%2C1%2C%2C%2C!freewheel.tv%2C24377%2C1%2C%2C%2C!yahoo.com%2C58905%2C1%2C%2C%2C!aol.com%2C58905%2C1%2C%2C%2C!appnexus.com%2C13099%2C1%2C%2C%2C!smartadserver.com%2C4111%2C1%2C%2C%2C!teads.tv%2C24983%2C1%2C%2C%2C&pubid=2bb0a508-595f-49a8-87af-9e3915fc9884&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:04 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
28419DKAMDWTRW68GAJY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://istoe.com.br
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
5rquZDRHUw8DLmECYnbRtqi9SbrYjFkSTz9OEqve27_NjvoWdWF03A==
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
806 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=2&alt_size_ids=55&rp_schain=1.0,1!denakop.com,10076,1,,,!google.com,pub-8170966538152543,1,,,!adtech.com,11627,1,,,!contextweb.com,560821,1,,,!appnexus.com,2081,1,,,!appnexus.com,10528,1,,,!indexexchange.com,175407,1,,,!openx.com,537143344,1,,,!pubmatic.com,156078,1,,,!contextweb.com,558299,1,,,!aol.com,57545,1,,,!yahoo.com,57545,1,,,!rubiconproject.com,23648,1,,,!rubiconproject.com,23650,1,,,!smartahperver.com,4014,1,,,!contextweb.com,560288,1,,,!pubmatic.com,156439,1,,,!pubmatic.com,154037,1,,,!pubmatic.com,156030,1,,,!rubiconproject.com,16114,1,,,!rubiconproject.com,13132,1,,,!openx.com,537149888,1,,,!sovrn.com,257611,1,,,!appnexus.com,3703,1,,,!groundtruth.com,107,1,,,!districtm.io,101760,1,,,!appnexus.com,9763,1,,,!onetag.com,7586ca4ec84e073,1,,,!advertising.com,28246,1,,,!rubiconproject.com,11006,1,,,!google.com,pub-3769010358500643,1,,,!freewheel.tv,20393,1,,,!freewheel.tv,24377,1,,,!yahoo.com,58905,1,,,!aol.com,58905,1,,,!appnexus.com,13099,1,,,!smartadserver.com,4111,1,,,!teads.tv,24983,1,,,&rf=https%3A%2F%2Fistoe.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=39d4f636-b912-4dcf-917a-aa3620a35fc9&l_pb_bid_id=2b6061c557faea&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.823518751984041
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f689c53303487e477b2e0c0bc80b336c0094a20e11fd0fb3b00f4e71ff3c4585

Request headers

Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:04 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://istoe.com.br
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
260
expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://istoe.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://istoe.com.br
access-control-max-age
600
age
0
content-length
0
date
Thu, 16 Mar 2023 02:35:04 GMT
server
ATS/9.1.10.25
hb
cpm.denakop.com/ 		0
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.denakop.com/hb?zone=166141&v=1.6
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:04 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://istoe.com.br
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
0
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 -, , ASN (),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
d19ea8f9fb0eb0b8ad41811928a26d26ffeeeadca248301dd2e3b76a49a3e7d7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 16 Mar 2023 02:35:04 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.141; 185.213.155.141; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
952a6be4-91c8-4304-8811-08aa004c9d6e
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://istoe.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 -, , ASN (),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
b4d8b61135c53ee5505a64a70a48ec1336af6c4d67210303aca6a276a4e51560
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 16 Mar 2023 02:35:04 GMT
AN-X-Request-Uuid
c9ca2487-a174-4164-b751-ca028307a003
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://istoe.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.141; 185.213.155.141; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://istoe.com.br
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://istoe.com.br
date
Thu, 16 Mar 2023 02:35:04 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 02:35:04 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://istoe.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.25 /
Resource Hash
17299800996e699fa53028dd39875b99b727113f3aff24a50bc15798d946da7d

Request headers

Referer
https://istoe.com.br/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 16 Mar 2023 02:35:04 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://istoe.com.br
access-control-allow-credentials
true
content-length
84
tracking-event
api.webgains.io/ Frame A7D1 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.33.70 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 16 Mar 2023 02:35:04 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.33.70 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Thu, 16 Mar 2023 02:35:04 GMT
server
nginx
collect
p.clarity.ms/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-sc/s/0.7.2/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://istoe.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://istoe.com.br
Date
Thu, 16 Mar 2023 02:35:04 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
api.gif
tags.denakop.com/ 		0
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=istoe.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=istoe.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073052
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://istoe.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 02:35:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tags.denakop.com
URL
https://tags.denakop.com/api.gif?a=10076&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fistoe.com.br%2F&t=1678934104605&cb=0.1039278953332381&aa=under
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3102037318906712&correlator=3026057470738423&eid=31072989%2C31073052%2C31073061&output=ldjh&gdfp_req=1&vrg=2023031301&ptt=17&impl=fif&iu_parts=21715141650%3A22452847%2Cistoe.com.br%2Cdesktop_under&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90&ifi=12&adks=92207098&sfv=1-0-40&prev_scp=dk_refresh%3Dtrue%26index%3D1%26hostname%3Distoe%2Ccom%2Cbr%2Cistoe.com.br%26pathname%3D%252F%26placement_name%3Dunder%26secom%3D1%26tier%3D1%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_adid%3D1746727d2f0b8cb%26hb_bidder%3Dappnexus&sc=1&cookie=ID%3Dc9a49f4596803e05%3AT%3D1678934099%3AS%3DALNI_MYL7ODz25yoPElhMuATvvHLMvbugA&gpic=UID%3D00000bc694c01f6c%3AT%3D1678934099%3ART%3D1678934099%3AS%3DALNI_Ma3GpGjFYrwaLNlVHVN0QnF6k2bfg&abxe=1&dt=1678934104612&lmt=1678934104&dlt=1678934096045&idt=1402&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fistoe.com.br%2F&frm=20&vis=1&psz=1600x16363&msz=970x-1&fws=516&ohw=1600&ga_vid=1307452278.1678934097&ga_sid=1678934100&ga_hid=1946241729&ga_fc=true

Verdicts & Comments Add Verdict or Comment

249 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 boolean| credentialless function| w3tc_load_js function| $ function| jQuery function| clarity number| width number| banner_width number| padding_d_width number| padding_e_width number| area_do_site boolean| show_ads_lateral object| slot_side_direita object| slot_side_esquerda function| gtag object| dataLayer object| _comscore string| GoogleAnalyticsObject function| ga object| _taboola object| _newsroom object| PDFObject object| wpp_params object| WordPressPopularPosts function| janelaSecundaria undefined| RefreshID object| bootstrap number| w3tc_lazyload object| lazyLoadOptions function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _extends function| _typeof function| LazyLoad object| _ilabsPushConfig object| IlabsPush number| newsroomStartsLoadingTime object| tbNewsroom object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| COMSCORE object| ns_p object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| getFunctionFromString object| preloadImages object| googletag object| ggeac object| google_js_reporting_queue function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| google_tag_manager function| onYouTubeIframeAPIReady object| PushnewsSubscription object| Cookies function| uuidv4 object| vttjs function| WebVTT function| videojs boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter undefined| google_measure_js_timing function| inject_ads function| createScript function| timeout function| inject_vejatambem function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| oi object| _pm_mcg string| nam object| placementData object| cmTag object| _cm_wfCounters string| lastWfUrl object| regeneratorRuntime function| webpackHotUpdate function| startCMTagMain string| category function| shuffle object| entertainment object| arrToUse object| playlist string| vpaidId function| OvaMediaPlayer object| tbopt object| tempwin string| wsHost object| s object| x object| _qevents function| e function| h object| win number| __WS_BOOT function| quantserve function| __qc object| ezt object| _qoptions object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| __wsconf function| ws_fpVal object| s0 object| s1 object| s2 object| s3 object| swfobject string| IbtRealTimeSJType function| loadOrtcFactory function| OrtcFactory function| OrtcError function| ortcIsValidUrl function| ortcIsValidInput function| ortcIsValidBoolean function| ortcIsFunction function| ortcIsString function| ortcIsArray function| ortcStrToArray function| IbtRealTimeSJ function| SockJS object| google_image_requests function| EventEmitter object| __WSAPI string| mappingUrl boolean| __WSLoaded number| connectionMetadataMaxSize object| ws_zones number| _rl_cn string| _rl_ptc object| _rl_ids object| _rely object| __ducp_data__ object| platform function| log function| logDebug boolean| NODEBUG object| duToken object| forms undefined| ducp_mapforms object| du object| t2 function| scriptHasBeenDefined object| _w object| _d string| eventMethod function| eventer string| messageEvent object| _idx string| _ducp string| SOCKET_SERVER

96 Cookies

Domain/Path Name / Value
.istoe.com.br/ Name: _gid
Value: GA1.3.1495439294.1678934097
.istoe.com.br/ Name: _gat
Value: 1
.istoe.com.br/ Name: _gat_rede
Value: 1
www.clarity.ms/ Name: CLID
Value: 5c14e7b517f344eea293ea71ecbace84.20230316.20240315
.istoe.com.br/ Name: _ga_6VP0875DQD
Value: GS1.1.1678934096.1.0.1678934096.0.0.0
.istoe.com.br/ Name: _ga
Value: GA1.1.1307452278.1678934097
istoe.com.br/ Name: nvRefUUID
Value: 2951747d-9d43-4561-8c90-a13622701503
istoe.com.br/ Name: nvUUID
Value: 2951747d-9d43-4561-8c90-a13622701503
.istoe.com.br/ Name: _clck
Value: 1emlzo7|1|f9y|0
.istoe.com.br/ Name: _ga_LNVZMYDN5E
Value: GS1.1.1678934097.1.0.1678934097.0.0.0
istoe.com.br/ Name: _tb_sess_r
Value:
istoe.com.br/ Name: _tb_t_ppg
Value: https%3A//istoe.com.br/
istoe.com.br/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Dc647f624-debf-4148-ba73-3d112299c401-tuctb0c05d0
.istoe.com.br/ Name: _clsk
Value: 10prx8i|1678934097877|1|0|p.clarity.ms/collect
.yahoo.com/ Name: A3
Value: d=AQABBFGAEmQCEHbnk0JQ-wlcFuu1ajVDhIUFEgEBAQHRE2QcZAAAAAAA_eMAAA&S=AQAAAgUf4zyAe7hF6QOK5_5K-GM
.myvisualiq.net/ Name: tuuid
Value: 2e2c77ea-f981-460c-ab19-e859a1852eda
.myvisualiq.net/ Name: c
Value: 1678934098
.myvisualiq.net/ Name: tuuid_lu
Value: 1678934098
.bing.com/ Name: MUID
Value: 095BE670DD7B69680811F4A6DC1068EB
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 095BE670DD7B69680811F4A6DC1068EB
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 095BE670DD7B69680811F4A6DC1068EB
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.quantserve.com/ Name: mc
Value: 64128053-dc3f7-5c03b-32017
.istoe.com.br/ Name: __qca
Value: P0-1265558578-1678934099680
.bidswitch.net/ Name: tuuid
Value: eb5a15d1-2b9b-4697-99d2-a0f6b0af0b0c
.bidswitch.net/ Name: c
Value: 1678934100
.bidswitch.net/ Name: tuuid_lu
Value: 1678934100
.adnxs.com/ Name: uuid2
Value: 3657491859309942484
.3lift.com/ Name: tluid
Value: 128422395306321318279
.webspectator.com/ Name: ___ws_gid
Value: 6BBC6A4BF298085C
.istoe.com.br/ Name: ___ws_ses
Value: 6BBC6A4BF298085C.1
.istoe.com.br/ Name: ___ws-sr
Value:
.istoe.com.br/ Name: ___ws_vis
Value: 6BBC6A4BF298085C.1678934100524
.istoe.com.br/ Name: ___ws_ses_sec
Value: 4771:1678934100524
.istoe.com.br/ Name: ___ws_vis_sec
Value: 4771:1678934100524
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.simpli.fi/ Name: suid
Value: D8ACA06350D24CF5A364B7DEDB2460F0
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2218081517-4840-4C64-A76F-12219C7D2388%22%7D
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 4763FEEB-BBC8-4BEB-8D48-C1F9EEFB1915
.adform.net/ Name: uid
Value: 12973233968663271
istoe.com.br/ Name: ___ws_d_st
Value: {}
istoe.com.br/ Name: ws-refr
Value: https://istoe.com.br/
.quantserve.com/ Name: d
Value: EHMBCQHDKIEA
ads.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2218081517-4840-4C64-A76F-12219C7D2388%22%7D
.lijit.com/ Name: ljt_reader
Value: GUVbuGZHvBNjuENaQKekY4O-
istoe.com.br/ Name: _ducp
Value: eyJfZHVjcCI6ImI4OTM3YzZhLWU2ZmMtNDI3Ni1hOTc0LTczNjU2ZDUwMmEzNyIsIl9kdWNwcHQiOiIifQ==
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZBKAVQAAAd9UzABG
.casalemedia.com/ Name: CMID
Value: ZBKAVfho4sdd9xtVFr86WwAA
.casalemedia.com/ Name: CMPS
Value: 5273
.casalemedia.com/ Name: CMPRO
Value: 5273
.retargetly.com/ Name: _rlid
Value: 925d32e2-f5b2-4194-978f-0a1081db4ee1
www.dataunion.com.br/ Name: _ducp
Value: eyJfZHVjcCI6ImI4OTM3YzZhLWU2ZmMtNDI3Ni1hOTc0LTczNjU2ZDUwMmEzNyIsIl9kdXVwZGF0ZSI6ZmFsc2UsIl9kdXVwZCI6ZmFsc2V9
.awin1.com/ Name: awpv20044
Value: 412871|1678934101|26b7aad1-c3a3-11ed-b6bf-22318f8574b4
.adfarm1.adition.com/ Name: UserID1
Value: 7210967055943596185
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: AYlPsqlzBb_Y5Nej7GswPPUSkR9AxUI45sLuyI43q1M-1678934101-0-AS7hOitXeYU+TOidXfiDxc12P2gGA8rSkDoQuUOVe5dyDEQ/oYltfalO6+2EPY92ES4LHgflhI3RWLnchkS4eqw=
.w55c.net/ Name: wfivefivec
Value: 2J72JfMf1PCDsh5
.w55c.net/ Name: matchgoogle
Value: 5
.tapad.com/ Name: TapAd_TS
Value: 1678934101684
.tapad.com/ Name: TapAd_DID
Value: b4e5b885-f9a9-4e00-a35c-df4d55ba7b79
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.mgid.com/ Name: __cf_bm
Value: LeiHWPz5W7k91hOshH3i0nLcNYu6EPTTLA.pgGPvXyk-1678934101-0-AQrtFyiOTKp64CUIL3/DjSSzBMNF/ldKxtEo96yFS+TikBESpukQDphX5aV4PfnB6HPldW5ppN70kNYBoq9EhNg=
.analytics.yahoo.com/ Name: IDSYNC
Value: "195y~2aje:18yx~2aje:19ai~2aje"
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.o2online.de/ Name: nscQ485
Value: V
.smartadserver.com/ Name: pid
Value: 7734040373042207648
.mathtag.com/ Name: uuid
Value: 5aad6412-8056-4c00-b421-3afef93234ab
.mathtag.com/ Name: mt_mop
Value: 4:1678934102
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3b994b2c-63b0-47b3-9d51-5bae167327eb-003%22%7D
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
.de17a.com/ Name: guid
Value: 1.7523179502931775215
.awin1.com/ Name: awpv11354
Value: 412871|1678934101|26efd1d0-c3a3-11ed-9d45-2261c3620022
.awin1.com/ Name: AWSESS
Value: 377133:2470172
.innovid.com/ Name: uuid
Value: 827af230-9874-4eb5-a483-b5407c4d534d-20230315 22:35:01
www.conrad.de/ Name: HTLP_timestamp
Value: 1678934101937
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3b994b2c-63b0-47b3-9d51-5bae167327eb-003%22%7D
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY3ODkzNDEwMnZsZWExZGUyMDIzMDMxNjAzMzUwMTgyODg5NzQzNzc1WDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWQxUVl0YmZLZlh6WHM5SGRIOXRBdDIycmgyU0tUR0c4U3g3WFFvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMjAyMTE
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023031603350182889743775X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY3ODkzNDEwMnZsZWExZGUyMDIzMDMxNjAzMzUwMTgyODg5NzQzNzc1WDEyMDIxMVYxMjI2MTMyNzAyT
.retargetly.com/ Name: _rlmp1
Value: 2||1678934102&&9||1678934102&&10||1678934102&&11|CAESEPytLPQPPCWE_mW5ksAlaDM|1678934102&&13||1678934102&&14||1678934102&&22||1678934102&&23||1678934102&&24||1678934102&&27||1678934102&&39||1678934102&&51||1678934102&&63||1678934102&&70||1678934102&&72||1678934102&&74||1678934102
istoe.com.br/ Name: ortcsession-w5tlOg-s
Value: 1c8dc243102a295a
.doubleclick.net/ Name: IDE
Value: AHWqTUmsFRcS9ygHudBNFeuPJ8m_T5NaNH-5Aovfx3GKIsbx0qxrX5SsC8gQGGeV6V4
.ctnsnet.com/ Name: gid_CAESEGTzDEZTDv90a38cJwFw8nI
Value: 1
.ctnsnet.com/ Name: cid_07210da06c7644ca97c14464daf8292d
Value: 1
rt.idx.lat/ Name: _idx3p
Value: {"ridx":"9ad1b0bb2ed79283ca85d05340b5da01094e8fd26bccd5c82ec7f146518fb702"}
.istoe.com.br/ Name: __gads
Value: ID=c9a49f4596803e05:T=1678934099:S=ALNI_MYL7ODz25yoPElhMuATvvHLMvbugA
.istoe.com.br/ Name: __gpi
Value: UID=00000bc694c01f6c:T=1678934099:RT=1678934099:S=ALNI_Ma3GpGjFYrwaLNlVHVN0QnF6k2bfg
istoe.com.br/ Name: ortcsession-w5tlOg
Value: 1c8dc243102a295a
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZm5haWxiaGBkZGgIAFGAd2QQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjE3NDCzNLQ0NhfiM9T1zErLzc8vNTb1K4gAANlMDBAlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjE3NDCzNLQ0NhfiM9T1zErLzc8vNTb1K4gAANlMDBAlAAAA
.tribalfusion.com/ Name: ANON_ID
Value: a3nu7qM0ing9PBmSUP9I75GCvZdPV0YlKtNCGE6WHwp3P7R2DrcYQjL28pBZaMgKC3KJ5A2QcqcFn9pWZbk0gpgbfPO7PNYid1OrP4bcQDM

4 Console Messages

Source Level URL
Text
other warning URL: https://3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAa02lx8Qz6i-8PI6vAISfejaEDfj-A4srJbHb6QF5H1Rqa95dtmwbIKNEH_0A8HJYyzzgoThK_A5qv5LNAssGmj4uLnU-n7ARio&google_gid=CAESEMQ6JMWPMmsMSAqUmMKkOYc&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://bcp.crwdcntrl.net/map/c=11530/tp=RTRG/tpid=925d32e2-f5b2-4194-978f-0a1081db4ee1
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://istoe.com.br/
Message:
The resource https://istoe.com.br/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js?x65938 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3e369a5eaa319901d300537b3af51b37.safeframe.googlesyndication.com
a.tribalfusion.com
aax-dtb-cf.amazon-adsystem.com
ad.doubleclick.net
ad4m.at
ads.eu.criteo.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ag.innovid.com
ajax.googleapis.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
analytics.webgains.io
ap.lijit.com
api.retargetly.com
api.webgains.io
app.retargetly.com
as.ad4m.at
assets.ad4m.at
b.smrk.io
banner.congstar.de
bcp.crwdcntrl.net
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c1.adform.net
c2.taboola.com
c2shb.pubgw.yahoo.com
cat.nl3.eu.criteo.com
cdn.jsdelivr.net
cdn.pn.vg
cdn.taboola.com
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cds.taboola.com
cm.g.doubleclick.net
cm.mgid.com
cms.analytics.yahoo.com
cms.quantserve.com
cpm.denakop.com
csm.eu.criteo.net
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
gum.criteo.com
ht.uppr.de
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
imageproxy.eu.criteo.net
imprammp.taboola.com
istoe.com.br
match.adsrvr.org
msgws.webspectator.com
nr-events.taboola.com
onetag-sys.com
osp-assets.pn.vg
p.clarity.ms
p.rfihub.com
pagead2.googlesyndication.com
partner.o2online.de
pb.media01.eu
pips.taboola.com
pix.eu.criteo.net
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
ppwgfd.aladin-shishashop.de
pr-bh.ybp.yahoo.com
prebid-us.creativecdn.com
prg.smartadserver.com
prod-rtb.ad4mat.net
pv.medialead.de
pvx.freenet-mobilfunk.de
region1.google-analytics.com
resources-rt.idx.lat
retargetly-match.dotomi.com
rt.idx.lat
rtb.fr.eu.criteo.com
rtb.nl3.eu.criteo.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.tribalfusion.com
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.smartadserver.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.myvisualiq.net
taboola-supply-partners.tremorhub.com
tags.bluekai.com
tags.denakop.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
track.webgains.com
trc.taboola.com
trck.trendtours.de
um.simpli.fi
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
webservices.webspectator.com
wf.taboola.com
wfpscripts.webspectator.com
widget.perfectmarket.com
www.awin1.com
www.clarity.ms
www.conrad.de
www.dataunion.com.br
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
securepubads.g.doubleclick.net
tags.denakop.com
104.109.78.125
104.111.217.14
104.111.217.42
108.138.4.150
13.224.195.78
13.32.99.105
13.41.33.70
141.226.224.32
141.226.228.48
142.250.186.166
145.239.193.130
151.101.1.44
151.101.2.49
151.101.65.44
167.233.13.224
172.217.18.98
178.250.1.6
18.132.110.241
18.157.107.92
18.66.147.120
185.184.10.30
185.29.132.241
185.64.189.115
185.80.39.216
185.86.138.123
185.86.139.102
187.72.39.252
193.0.160.130
2.18.233.201
2.19.44.80
20.122.63.128
2001:4860:4802:34::36
212.82.100.182
213.155.156.164
213.19.147.45
216.52.2.30
2600:1901:0:76b9::
2600:1f18:612b:4280:a5fb:d412:b74d:aafb
2600:9000:211e:c400:1b:5138:8a40:93a1
2600:9000:223c:be00:6:44e3:f8c0:93a1
2602:803:c003:200::21
2606:4700:10::6816:118d
2606:4700:10::6816:4acb
2606:4700:1::6813:874e
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700:4400::6812:20ce
2606:4700::6810:5514
2606:4700::6811:180e
2606:4700::6812:160e
2606:4700::6812:18ad
2606:4700::6812:7f05
2606:4700:e0::ac40:6c22
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:4e:1::45
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:802::200e
2a00:1450:4001:806::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:400c:c0c::9d
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::9
2a02:2638::1c
2a02:2638::2
2a02:2638::21
2a02:2638::3
2a02:2638::c
2a02:fa8:8806:16::1370
2a05:d018:d29:3601:84c0:cef:b29e:4061
2a05:d01c:1d8:8102:54e2:82c3:807e:8ba
3.75.62.37
34.111.113.62
34.149.12.213
34.192.67.210
34.234.139.177
35.186.193.173
35.187.21.229
35.190.0.66
35.201.85.150
35.204.74.118
35.227.252.103
35.244.174.68
37.157.2.234
37.252.171.149
37.252.172.123
40.121.178.25
51.83.212.112
51.89.9.254
52.0.154.92
52.1.252.251
52.223.40.198
52.28.203.152
52.49.217.141
52.59.122.232
54.183.1.6
54.37.204.178
68.219.88.97
69.173.144.165
76.223.111.18
77.245.57.72
84.200.5.215
85.114.159.93
87.118.116.9
88.198.250.30
98.98.134.241
99.86.4.94
0009480b1873bd79f5081f2a3c029af6f0a7f03c5902fae0bb7e757610ee736e
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c
028565858aca93c3b487996eb5af450fa2671990023c0a38f485a16513d26013
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
053a545a2651da3eb3900d00bf4d2a71cd6963612e64bfac036ba55554b2672b
05dd96763d6ab50bed3a089eb3392d895c60fcca638ae1ff8dcdeb14d5a23179
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
071e56fe3f3967f8312341ae975d3e716a31d2fb1dea8b8a12adbcb644ea0baf
07ec4e6a98caaba912fb93b8d0546b8a91c4a1c456afc59bbbfa45653b7a82b9
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b3fc7c6e9295f03e0a46e2abbb4f10fdf3e47e11717a252346a336a4bdc42f2
0b7a2e22390448cbf35083cdb344b2badf44642e8e79e4fcdcf5437bb39b0635
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc01b5dd09d3920395c31c328b85ac5793e09f44da34a267d2c7e178bf5ca3a
0d89ab019fdc4db07a89ba39546aa0ef86110eb0478c636a033e8ac5e5fb6acb
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e162d427904ff2a6ab71a99d3ba1dad74557f27fc763cade590a9e2894507aa
0e266d76801a31dc011efef36a2cdc3eb4b4c218a9f8f259c2252c71311d9316
0e4eb7f40c46d814caf5748fc98e27ca8be758f1c82ecb7c1cfc9a61e06a74e1
0e5993455d9c1d2babbfcbd2c9936b267fe88b5d597769a2aff8b7ce7f249b6d
0e7570b4fbe6a40102d4187d13a43ad7435b1567fa5e7a8752570ebda68b58a3
10f2c22d2623cf0907fe0aefb6b4a3f6541cf26dcc2384f30368ae84efff23d3
1285418564ad994095d4818a7f67d208215b4674b1c2c3ced46fe691eb6f3cf1
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
130424464126de3f030995d9c9e4cab9dd45ed63918f4fd2bcd7216048487834
14d84079758cedde0bb45369cb6f7e7d25cc3b287605e00d42805514fdd0b83c
159b24f26e27f72c02e2b510a8f9f5d7127f018ada04b763349bb1cdf84721b2
1684a43a0a3c5b12b78fe86419fc262b1c950d45bab5009758b1273eb5c60986
1693c45f95e0ff8cac55b57471d5a05cbd0c15a6c6df89f7cb78710ea7897f52
17299800996e699fa53028dd39875b99b727113f3aff24a50bc15798d946da7d
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18e97c6cf4c5689618ee5d8697b8220e83afdb3d61e6eb286dde3f4f6ceb59c0
18f670c55099b0297f8ddcd2643c875e7e110735c243132be3024987a570a1a2
19be29aaf096f554b37f197efd1bf8b00396ab03bf7ee5294a979f24858b1bf0
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c6f59568daa92440b86989c65cd80e534bdb6790431dbf46ed34e6bad60b652
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d86773fa9226aecf40acf8b28020c27460f6f425b2d09a03371e31438fec0a5
1ef9eb1233bfaa6a0827c89f3f5a427c446f84033d172144e8a6abee84d5e39f
1f52c5bc0af7b23f7551662bab58f752ab673b009c02f698a9551754205e3b02
1fbcc160f737bcd31d3edd8068ccc84a19ebcc11217571d31a78e3936e921898
1fe885f298481ea960ea9ea519b5a57a9338534d53c668d807a4077713391e8d
231515acac534354a11000685ba5e093bdf4b6d6bd3ca7455b6bb5a7502c570c
25ff32c841b0ac53eadf452556acbf0a39003b22e76ed8999dc3f0e6b626bf44
263b4fb33d72825df3bc3233191adc056b33d24b65f6ef874650d28b3c85fe9f
26b9853d4c1f427ff83cc49649e43ba00c51c0e9ce8c6315e081a07e5b2072e7
27bd01c8e79dcd85fd696e9d10581f0414f22dc14eb57d48cd8e2d129d275e42
28db2f4e432c31ae09610efd9306a554f8016753b25d6f1c5851387f7ae26da7
29e1d8c14a236e4b772ce93822d138e3e3d462c7b6905468cc195f132a996fa0
2b717dac1235911b8c75e72b4a069871eea2c13244d0097a5202cb12053bd061
2c7bbddc37a3f2283e54f6e7032fde6792042b05b9b0d745103414890bdb38a0
2c7c9de844651cf98bef2eddd7dbdd5655297e226a2e1c43d2db4750eb4d3166
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2d9ca545ec9e7aa79774bbefcd55d2017f02871a4b6d44d7da78f7848cf660cb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e2d56cece389641b16dea99088a149ade31ad4dd2a3864f501c729dac4543e0
2e8fac6fa9527aaae83a3fc6200472418e1aa0cf42d9ed4422683e8e0192a861
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fa2ef9406bdb147fd9fb4a7c9b56b5dea19c564eafd4a23042c75e1a3525c60
2ffc90107fd9e6fd40f14e6f57c207e365bad069ab471396cb2cd01f0d9e8da7
307ac4e6b6a2621ed8e34bee06198a23b1ea0deedd0f9a3b156527afc777763d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31edea158d5cbb71e8151feb75b806d1dc6a54f249137f3a46cbe082cdaf2fe6
32691b1ddb86afce3ca38147476525191fae65f4a47c2adb775604d83a6157b3
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32daaa0657957a007d7d94f46bba205842696c8b949ce3cf57f7d00d801763c0
32ee8c1cb9d1e4a6064e6d1b3d53b8069a8774646fe08e7d970c562896976153
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
33e641b70f94e67b49344aab4b9cf588c390e616c40f002eb3cc485e3c4dfc26
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
350f98951fa87bbd8b395a96d265fa9e4bbce056f193065edf8f71cbd56bcfe1
38cf0f0a1ddbfe3571789926232369a2e69394522990c08511ff1b12ec62b6e1
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a3ace891cf7e0135ad8d40c8c235e14f302551c725c7ecfa865aa413ccb0116
3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
409ec418f4bcc227d937d02a45075786a6a6ab2f5aa3cc9dbc6f41cbdd76f35e
418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
426d76224de25de48c22820280fb851e7d9ebc04bfc915b4aec6dfc21821ea37
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
439eecbc5ee271e848b2b07d57dc67b391c9f8740f8ca25cf03c7471a2ccdce1
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
45e86c861e11ddebad2e2fb03c9ce1da22888214925a48ba3701bf7cad4a7cb1
46167936be0033190267bdf9bec4c9c6045bc5a256ca6c3ab6e465f47b13b012
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46a1b42078127593fb34049ba9f365868d00f467d6e063dd5dc22c875b493abb
490e13f989c599b1ec48f135c287703eae89692cf7d573ca82ae339c52d1fffc
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a2a801c9c80fdddf923fc6b0c364467a102da2ca6a46afaffca59819f030539
4b0acb5b956e0838f74b55d4693710c5f2f5fb43d6ad98609eb2882ad7df92eb
4b2c328c46e103a5d90c398c1c868b9b1029dda79e1ff1d66d3e99832bc937ac
4bf862f3586f612ddb5751eb35d4e67ea6719bd5049fd103a606f303a025ca1e
4d35e3fa390ee51c342095e08a8836cb29c856ed6837fc5a27696370888f7af3
4df7f50e2efa61e014bfc0784e2d893f4710b245adbd2f43d53c6dc7f9da9f3f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e902c64b724e110bbb3a8840f46d79f8569949376c73edf7955dbf388159cc5
4eb4d1d5bedb6805642bcdd713d83f53d23909bcb267fb84b2e48f8115e43019
509a5e08a83663773a51eb656b46edc477ffa4a3f687c50d39e2d906e24e6742
524cd3c4415a6c441a525b4aec6d7e9e646a772b1d4a1b0f4542af8afc1eedf5
53f294492662b2285c7ba665b7e1fa88407de3db2ba4bb7587e597842a59a531
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57dbdc175f1f58bbe80ddf65275146a94122010b12be777ae640d0bc41bcbf0f
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b81c0c3df92018c2a4d26515401d970c93aa91904e690bacb0d924a055b1534
5c21c555767cc7534fbeeb7cffcbdabe1427c714fe961addf92a50c2242bdb7d
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5e07088d53a0fe6c0c369b0de23e504097a7a729bed293a44eadd882e3d34879
5e0b1c39c8a80b6444c8e453a9b61b1c9d8abfacf35264ca442b5c0f614682ca
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
60dc19da06b0a7e96d376a3b26d529581d8b146408e070c4af5a54ba73730946
611b06da99c3705cbe326e1e3b508a060123625ac8f5452a9e4ff45893bc4ca1
6169b737eda8164703eb60af8bbd410b54f46f10a9ddc68e5ca254be5735b0b7
61bc145fd9ca1411c9df0257cfe7f00dc3512468758629964b32282796e66809
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
630df8ae8d5be96dda129241cd610d157523fb2d1dc1023b99ce9d0e63f5661f
64933d456b5e4866153b8f365d1e41f11406f378c864c3aaa373a970707069b8
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6a371ac14501ffac6be8d3d91412836f48b19ba6ea5fb246df8f516abf1c8545
6a7f4c8a9af17cac4c92d0fad28e07cc781825be9dd19da205c028b2a49e634a
6b4088267ae7d06f74cc5aa358d34e827f98555a0bba794f28d5dd1c11ae5ad7
6b6319ce3b4b545b569d62b375fb96994ebb64265dc6c0331f8b312c45b5bf94
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c361ebb1e9689b81da1aeaa9b98be9213b44f5eb91fcb03c334e9adc74f568f
6dd9bc6ee0533fd57234b394dd8f94f20dc6c859363d5eea185a0b4991215861
6ea5c941a4ef5e05a75f50fa3306f69e6fa1f8b6a181b28f70dee20ed7de985a
6ffa18de6a57d80459476d5bb52bbb417c61e77d2f92b1328431b4e27cb83141
719377058580946e16f93fe38889e85f67fbdb94420006ba52787a3765e9d34a
72473fce79bb30e1f8563e9aeb6c3b1d57916eaeb8d3196ec67db3dcd650e378
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73db2a2a4d0933294f7188230306bea80ad011455f5f3a34127d33cbb43eb1c9
73e0c7f304816b1d77d0fbd325454d51414e2fbb612da76cd4fc307ecbdec85d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75e0fe33a139622cde1d4bacdef52e609e623b514c56b113c69568fa16c23a12
767def4400888535d13656a65f72f6d4643aad075e9de6b74e6f346ebc7b9522
7af2743ea3709bf7a042f15fe8fe9e56b8fac5cbfac0f4163488d6fe124d0fa7
7e42ab12a1f9f4fae98ca66922274bd751c9793ad0afe0361dad4a1026e5dc70
7e4e0a17a11f8e0006e161e4a387358f2919f2d6868829f07484808d483998df
7e781a3deda03367b8136f6ac04fb0d189629c209c0a22473ce5951e3effa31b
7f5f3c5d80a15e11faf275503721ba8cc1360f03eb0e8f11bf2153aed3e1def3
805c41178b1d12c73f2148a882a353c8a09d35a4c28e063d650f76192cadea84
8070057bdc406fec3f7b52344d540a184f0736adbba929eca535f863a09bf5fa
808fa4968ab2f62af60da7665b566ac9b0693629d28bbee1c9e21394f40b1baf
80a6c8fd3fd83054bdd51a596217f806cec456cd5b176ec5e44a407201a82d2a
80e7bfe2aaa1b8be1ff5792cf190eb4b9e7d922240eea9ccc0a835b2bbde9f56
813845d3f42bbe1f946fbc0aaaf89d4fe7d0af303303612991ca095edae89300
817c9dba862a4f671cc1be8f5fa2140573624a385aba91f57886879f024b2534
835e2796b1d55eb0719b1b32f9e6cbe3e1a05282aae3e0f8bf09698c4459d4b3
84bf33dd9b7a3abb832df0242421046af95f5df2f7b09c252845e0d32954efe7
84df21d422039e1a24bdf909c7537c0a335cebed9b250f3134f360ea1ff208d1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
870f41518e409f62cb8fb5b51f8daf678dea6b3da96c4e9952327ee5ed2cdeab
8884b30509550a89db99d440457a129e6495d5414a2a761ca6b7c2443d220e81
89c4b9ec6341e4f66063430dc2c5956e1363d681eefdb6235654ce51150f3787
8a1c97585f425281e30abeb95848a24b4c1f4cdaf9b8d48cf277506eaaa14822
8b099db3da1b8df039a52f312d3c11cadb45738036cbcb1d27bd693c698a585c
8b836d785672ba3162f8f75ea2542794afc5a8d86b875f6531aedd36ea2aaddb
8d06096e18b07b7e8f8ae4e5ee75d62d857b039bcb4e2eec077526815170bc74
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8efa0eab429a14422a4ac296450bac0e25c5df201ff1cb8702428de7db12e38d
8f529e54c362dfb6b4d2ac0c2ea7e9e669d9a082b76e08c29a770b18ed54b58b
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
93012b8dc685e142ea8dc9087b1b5a27502188ea81dd095ade39738710f44df1
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3
99900bf577463f5efda7b945e5c39a3a2a9b5b73ac7738103b8044f8fb947b3b
99b523edd72385876c466fc061393829b08dec3aa544963373b22a08fb97784f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bf2adc3ae5ecf1c7fa745647da2c3329af91b190f09595892ab898b9aecfb1d
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9c76b3793e27d16ff6f28246b56c13f12afd0fe4d82d86fb76c94bf0b6065634
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5
9d21039999ba2383e87ae4b094dfb7e598e9b4cf8b78eaeabebd8d31485bd923
9e28d81fc3b74855453de9484728dc93e842efaaccab3225a9b0cc8f5dca66eb
9ea93bfd5dce538d0a8fc2b3fbafd7070f9c7758709a0d770e8228dee35719ce
a00a64df8993a9d7aa7262eed9a569c9f6d07ca1a5629d06bded50c7a8b8b16f
a0362f2908903573e95d7a313896bd8cdf45a678449b2492a1dd865799c65918
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0c1247d011ef6b72df5b51079773f6083bb91bc6794ad930048c02bee33a102
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a2e9332785e83ede4291026bcbe624afbca87ef7d8beb0b66dacc3b438b2af00
a2fda8e31661220ed47964003f8283abbc0ffaa73ced84863b87aa6019065929
a317dc9c672dc6acbccd304c472be4ddb4a9801ff79832787a90aef5c3e9bfa4
a4089d5c56ae6a3a4ceed8e65e475872081884cfc137a2542d156997466f8c09
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5e34069049c0537d4f9e88f2af7b9cf4ec04fed90365f2ef2e8dbd2ed8fc784
a6a2bbb25e35a3caadefa56c84d28b9ef2b2a4bd2c69b6d745a0a77e78a0806c
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff
a9161954861bb1fd7d5044d99f9ce04137b3836979ce8c5c75d224642f57c3f9
a9a11e4590d75f3922d0e91405b5f94a6a7ea6ddb2f4baa9bd5392a2d1f30944
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa3a0e111bb06caa53324a3d992b432fadfcb6ece52b9615c7e2800107f00550
aaac4a435c2ad3240cb7d250a9bd3395261f4529a6f429d1d27628d030caa91b
ac7893b03956fae168dea35abf52a62ebd93953e78d024d74dcd05a3aef9c518
acfaaf62bff0119246c65258ed4eddfff3758441c562b3726627e377d6939118
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed8e3888fc7201072fc8d5d05ffd6aa4ee86ceae974c6f755963a5077548472
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
af92a6ad63702d33b96422d43168bba36aed82c30ede0824bc4e84ce03119fc6
afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3
b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0
b0e7c51efb5ebb742702847e186b12ff1317faac11a5392c5093b15231fe2b39
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1940fa752525b29f1c1f709644e86ac309221bf851fd91bae1400650ad2653a
b2dc460864a60ac3ce89c4c6fab1c62ef9171ac1365cc47aa8aca95ecb06f0cf
b3391b26fd634859b900670bddcdd8ef22a819e3581da050f15f48c85a15ba5c
b3ca383bfd0311461fda7e11a505cbf41d2797e9ad047b235755e20aabcf005f
b3ec1618d3e929668626e7cc9f6c958f654c4dccfe32bd1f517833cc000feeab
b474932f970242e4c0f4d2c4f7caf944b9820583f6c3f23043b82bad1d6cb414
b4d8b61135c53ee5505a64a70a48ec1336af6c4d67210303aca6a276a4e51560
b50e47cb27a315b852f291b6e3c63d64397154965b7cf3971d1ac17cfdc477c4
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6137519b23512fb824399e27cab378499f19343851a2bc4b1f226a8790211b9
b639deaa2722cec90d6103c6e70b21d8836db3e2a6c5a5fe1624c9c73eb4dd6d
b67a79863d8bc6569738b0c35ae9343be7115445225ed500a8ab238787037607
b7aad2d168e74941373b0e6e18c7d95ed205dfdd5421d729212459e148b3514f
b8a33e6d9efb16579b8911406f121339d265625aa2aa3d614edf090cf9be4548
bb508102b59a34d9277dc9348b9d82d9a67b44cfa56531608ee4e98d9dcb850b
bb7d39384f8a58e23c5e8c78b974aabb9cd28238d451301a12b43c321783fe6c
bc451e9c012385a447dc5f65ccdf0f5c3e06932bdf734f8842c184439b2ce7d6
bcce350016351558ba10c39c15813b3f57d79bd01072dd7a064745175a208994
bda78dc14119f22570204d0b36b92a55815f37baa2b6354a2c087917dbc485ed
bfab5f6878bb0ee77692b700618e82c6482108ce0df3fd540608496376d735c2
bfcc2d7f1d2055e5c9f72ab50835c8887752c5f46886a7b67f6921aca800adac
c08ad2189cec61068fe509a653f1460af130be0d646938a52bf9c8271278ec6f
c0a7b78b741975a40bcc99c4b89e39855248aa76b3c8d639c8dc39245ebe1441
c155a4d20eeb8f36e9772923363493852b846d2138a814ac6a5394fb09ba1b0d
c2f0f360264e24fa97330d99cb63e4ec313fbcf66727a2626ad94688ad0110fb
c39ed6e15eb51f3097df21d42271403d73ef0a064ee86bf4602023042a04b987
c6759d555b51663bb43d537e4ee1b67a6286af8beba8780baa00147ec5e77f63
c703ef4f6731be9421772c5ffbf073435cb7e77e24ad44f39c43baaf8b8d0106
c70c3bb5e862f7c86db4e91ec2b56a8bc629572836f14bac8c42171503ab2c34
c75c9e749da12f7783eaccace3576f58ffd66b5d4deed0d43b8bd84d493f17a5
c8ad0173a955e0b12df19dd9d9cc64cabf6eafeadc0346177586eef4aa6c8b0c
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb888f6df29d8510bf5c763e29473bbd7946d5b55dde846474b239e493a9a82d
cc78fd70080002caf2043cdb48109d0b6e234a8adf6171b05a2ff05e98b95b11
ccc2819d34ec2b6caa5270cbb37f0906078e4773ffe19dc2fa7cc858f79555a4
d19ea8f9fb0eb0b8ad41811928a26d26ffeeeadca248301dd2e3b76a49a3e7d7
d605bd2ec6ee95ecf8d2966ef89588ff8894e4d9c88ae95c82a59d71ab753d40
da3a4546a0e448401be0bb03316a63462b069f64ed89fd23add5547f030aa4ec
dbfd118ad6c8f1a956742866e7095a877ed1537e0d7d9260fb8258bb0de25758
ddd2742a2731662ccdca36a6e38d16e73dfc076a3e4dd688aa339e52b4e16383
deb68e16777fefa7c5ab4cefd475b2b9e9afaae5d243535a8eccc89c7fa3c17b
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e19d3bfb9acd7e4b17f931546a8502f703675e65dc8be6d63dd18774c15b416b
e2e8930ff9454192c7ceff3e0e3bcb1172023f1099ed5c8b102e92e14053e34a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42df85ef9ea62befa0291770dc731af6998c672b61cd1e0ff1478f47e103a41
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e72da6c6070859082c40ba44a3a4f6d69a53bc018e0c07ca54a56d764f6f8760
e781bd0844de5068c24c438cd1061193bc919b7b599c840bf25085c0d08de787
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c
ea0d57dcc546fffa9e2bbde3d288e070bc7e03faf2de62646a9e8e48b329c3ec
ea39dba2b498dfe4e18255e241acf246f9229c8deb54e5b2530cadb51a25bd58
ea53bf8be4bfe99219a2233ca10a947ca0fd13fa9f05680beaf5358b23c2baa1
eab654b386bb47c394b35f37115c3d2948a65054fade065ccf5ab7f31c4f05f0
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
eea55ab2129cd954d1f59aac29484031103868d031c15c394de8e184ef45ed03
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0507345ec7cad5933030ea147ef0017ee6d685f5c0f3c5e6ea097ac1c71d039
f07619f52ec7903a7fe5c9725c9b742a44376c677bb67b3f58f0e5b0368d03d8
f312cea10a700755cc0c5a7a471689e0f7ca9f8a0c09db43350838b499b79106
f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f689c53303487e477b2e0c0bc80b336c0094a20e11fd0fb3b00f4e71ff3c4585
f68f087d59e516b8ef9af7b4c43bda59cf7d34c4ca1e834efad0307fa345e5b9
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f813e0face82cbe92c8a92ec562d1f6551f34bb20eae1aedbed177b45d2700ca
f944d47130e3c7b1dc36ae05c0a9a7524f65dee70d086511cac57fa3e5078914
f9b5c9d3e5dab98fc01cc66c4e229df6d9b1e5b63a118c4d80dd76d42adaead2
fa3793a5e6df811a91f9ff6c0750934f41712b5330a6756aa37f573ad1d78df1
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fbf08c4d01639c653424ded1023e1d5f1f5010cdaa29d192d10090c9479715d4
fc595a01fcb32a59f727cea14c299998e7dbff8fc27d5b590b048cd5211aff41
fcd9c6914994e93cb40df3a8d7b1fe98ae2d07dde566f9a2a6468f503f54e8ef
fce31aed37d06eadb51d5f1836f7ceef2d2a0a5dc6dd5147b46cd29d625bcf32
fe25eb0a048eb74b47dedffa76327d1e2d34fbcaca8be2a780f2b35173a8c666
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2