urlscan.io logo urlscan.io
SecurityTrails logo

colunadofla.com Open in urlscan Pro
190.89.238.20  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://colunadofla.com.br/
Effective URL: https://colunadofla.com/
Submission: On January 22 via manual from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 104 IPs in 12 countries across 73 domains to perform 642 HTTP transactions. The main IP is 190.89.238.20, located in Brazil and belongs to Under Servicos de Internet Ltda, BR. The main domain is colunadofla.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 25th 2023. Valid for: a year.
This is the only time colunadofla.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.67.30.58 16509 (AMAZON-02)
44 190.89.238.20 28209 (Under Ser...)
14 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 18 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 172.67.14.13 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 190.89.238.88 28209 (Under Ser...)
4 116.203.19.36 24940 (HETZNER-AS)
1 2600:9000:25a... 16509 (AMAZON-02)
2 2620:1ec:46::45 8075 (MICROSOFT...)
1 7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 20.114.189.70 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
4 35.201.123.184 396982 (GOOGLE-CL...)
10 142.250.185.129 15169 (GOOGLE)
5 10 185.89.210.90 29990 (ASN-APPNEX)
9 185.86.138.123 201081 (SMARTADSE...)
8 2602:803:c003... 26667 (RUBICONPR...)
2 51.75.86.98 16276 (OVH)
1 185.184.10.30 203690 (RTB-HOUSE...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
74 2a00:1450:400... 15169 (GOOGLE)
1 3.5.234.115 16509 (AMAZON-02)
2 18.165.183.30 16509 (AMAZON-02)
10 34.102.185.99 396982 (GOOGLE-CL...)
23 2a00:1450:400... 15169 (GOOGLE)
63 2a00:1450:400... 15169 (GOOGLE)
65 2a00:1450:400... 15169 (GOOGLE)
18 32 172.217.16.194 15169 (GOOGLE)
6 14 104.18.36.155 13335 (CLOUDFLAR...)
1 18.165.183.57 16509 (AMAZON-02)
9 142.250.184.198 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
20 34.117.222.118 396982 (GOOGLE-CL...)
3 6 54.73.100.143 16509 (AMAZON-02)
4 142.250.186.130 15169 (GOOGLE)
1 54.207.143.148 16509 (AMAZON-02)
5 2600:9000:245... 16509 (AMAZON-02)
24 2600:1f18:1ac... 14618 (AMAZON-AES)
1 72.246.169.24 16625 (AKAMAI-AS)
8 2a00:1450:400... 15169 (GOOGLE)
1 4 35.244.159.8 396982 (GOOGLE-CL...)
2 2.16.97.41 16625 (AKAMAI-AS)
1 66.102.1.154 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2800:3f0:4004... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
3 23.35.237.86 16625 (AKAMAI-AS)
1 146.75.122.132 54113 (FASTLY)
3 213.227.153.220 60781 (LEASEWEB-...)
1 213.227.153.225 60781 (LEASEWEB-...)
10 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:3::c 44788 (ASN-CRITE...)
2 184.30.22.30 16625 (AKAMAI-AS)
2 69.173.144.138 26667 (RUBICONPR...)
1 3.71.149.231 16509 (AMAZON-02)
4 138.201.63.149 24940 (HETZNER-AS)
1 4 78.46.111.106 24940 (HETZNER-AS)
9 22 2607:ae80:4::26 26558 (FREEWHEEL)
2 5.196.111.72 16276 (OVH)
1 2a0b:4d07:101::1 44239 (PROINITY ...)
3 91.121.248.44 16276 (OVH)
1 2 2a01:4f8:d0a:... 24940 (HETZNER-AS)
1 49.12.22.42 24940 (HETZNER-AS)
1 13.42.201.144 16509 (AMAZON-02)
1 13.224.103.16 16509 (AMAZON-02)
1 18.165.183.76 16509 (AMAZON-02)
1 2 216.58.212.166 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 18.134.214.132 16509 (AMAZON-02)
3 2a06:98c1:312... ()
2 3 2620:1ec:bdf::45 ()
5 142.250.185.130 ()
1 104.18.28.137 ()
1 3.133.85.98 ()
1 2a02:6ea0:c70... ()
1 35.214.149.91 ()
1 2620:116:800d... ()
1 34.96.105.8 ()
2 3 37.157.3.26 ()
2 2 64.202.112.127 ()
1 1 54.156.106.93 ()
2 142.250.186.98 ()
2 2a06:98c1:312... ()
1 172.64.150.27 ()
2 212.36.83.215 ()
1 69.20.43.192 ()
1 212.36.83.246 ()
5 3.75.149.24 ()
1 2 2a05:d018:191... ()
1 23.35.236.201 ()
2 54.77.210.46 ()
2 2a02:26f0:350... ()
1 85.184.96.28 ()
1 1 18.134.84.23 ()
1 3 52.209.222.107 ()
2 52.46.155.104 ()
642 104
1    52.67.30.58 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: br193.serverdo.in
colunadofla.com.br
44    190.89.238.20 (Brazil)

ASN28209 (Under Servicos de Internet Ltda, BR)
PTR: br86.serverdo.in
colunadofla.com
14    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)
static.addtoany.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
2    2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
18    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    172.67.14.13 (United States)

ASN13335 (CLOUDFLARENET, US)
www.sofascore.com
4    2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
2    190.89.238.88 (Brazil)

ASN28209 (Under Servicos de Internet Ltda, BR)
PTR: br204.serverdo.in
tags.juicebarads.com
4    116.203.19.36 (Tettnang, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.36.19.203.116.clients.your-server.de
ad.webads.media
1    2600:9000:25a2:5a00:1:825a:8300:93a1 (United States)

ASN16509 (AMAZON-02, US)
scripts.nsn-server.xyz
2    2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
7    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.pt
1    2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)
onesignal.com
4    20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
t.clarity.ms
1    2606:4700::6812:170e (United States)

ASN13335 (CLOUDFLARENET, US)
tags.denakop.com
9    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
4    35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com
tags.t.tailtarget.com
d.tailtarget.com
10    142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net
48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
10    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
9    185.86.138.123 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
8    2602:803:c003:200::45 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
1    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
prebid-us.creativecdn.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
74    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
1    3.5.234.115 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: s3-sa-east-1-r-w.amazonaws.com
rtads.s3.sa-east-1.amazonaws.com
2    18.165.183.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-30.zrh55.r.cloudfront.net
sb.scorecardresearch.com
10    34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com
tt-9964-3.seg.t.tailtarget.com
b.t.tailtarget.com
tt-11382-4.seg.t.tailtarget.com
t.tailtarget.com
cm.t.tailtarget.com
23    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
63    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
65    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
32    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
cm.g.doubleclick.net
pubads.g.doubleclick.net
14    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
1    18.165.183.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-57.zrh55.r.cloudfront.net
attentionxyz.com
9    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
ad.doubleclick.net
4    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
20    34.117.222.118 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.222.117.34.bc.googleusercontent.com
api.attentionxyz.com
6    54.73.100.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-100-143.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
4    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
1    54.207.143.148 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-207-143-148.sa-east-1.compute.amazonaws.com
4funevyslk.execute-api.sa-east-1.amazonaws.com
5    2600:9000:2450:e000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
24    2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
1    72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com
tags.bluekai.com
8    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
vidoomy-d.openx.net
2    2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com
sync.teads.tv
1    66.102.1.154 (Las Vegas, United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f154.1e100.net
bid.g.doubleclick.net
5    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2800:3f0:4004:802::2003 (Argentina)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
libs.outbrain.com
widgets.outbrain.com
1    146.75.122.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
zem.outbrainimg.com
3    213.227.153.220 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce13.ams-01.nl.leaseweb.net
b1t-eudc1.zemanta.com
1    213.227.153.225 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
b1-eudc1.zemanta.com
10    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
6    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    138.201.63.149 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de
hal9000.redintelligence.net
4    78.46.111.106 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de
hal900027.redintelligence.net
22    2607:ae80:4::26 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
2    5.196.111.72 (Lille, France)

ASN16276 (OVH, FR)
PTR: ip72.ip-5-196-111.eu
rtb-csync.smartadserver.com
1    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
3    91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu
pv.medialead.de
2    2a01:4f8:d0a:2321::2 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
cdn.retailads.net
1    49.12.22.42 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-3.futalis.de
futalis.de
1    13.42.201.144 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-201-144.eu-west-2.compute.amazonaws.com
track.webgains.com
1    13.224.103.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-16.zrh50.r.cloudfront.net
analytics.webgains.io
1    18.165.183.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-76.zrh55.r.cloudfront.net
cdn.track.production.webgains.team
2    216.58.212.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f6.1e100.net
5994599.fls.doubleclick.net
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    18.134.214.132 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-214-132.eu-west-2.compute.amazonaws.com
api.webgains.io
3    2a06:98c1:3121::3 (None, )

ASN- ()
info.nsmedia-advertising.com
c.nsmedia-advertising.com
3    2620:1ec:bdf::45 (None, )

ASN- ()
b1.trickyrock.com
5    142.250.185.130 (None, )

ASN- ()
ade.googlesyndication.com
1    104.18.28.137 (None, )

ASN- ()
www.bwin.de
1    3.133.85.98 (None, )

ASN- ()
ads.vidoomy.com
1    2a02:6ea0:c700::18 (None, )

ASN- ()
vpaid.vidoomy.com
1    35.214.149.91 (None, )

ASN- ()
x.bidswitch.net
1    2620:116:800d:21:7eb1:3826:be7e:d981 (None, )

ASN- ()
cms.quantserve.com
1    34.96.105.8 (None, )

ASN- ()
tr.blismedia.com
3    37.157.3.26 (None, )

ASN- ()
c1.adform.net
adx.adform.net
2    64.202.112.127 (None, )

ASN- ()
b1sync.zemanta.com
1    54.156.106.93 (None, )

ASN- ()
sync.srv.stackadapt.com
2    142.250.186.98 (None, )

ASN- ()
www.googleadservices.com
2    2a06:98c1:3120::3 (None, )

ASN- ()
c.nsmedia-advertising.com
1    172.64.150.27 (None, )

ASN- ()
stake.com
2    212.36.83.215 (None, )

ASN- ()
ad.vidoomy.com
1    69.20.43.192 (None, )

ASN- ()
v.lkqd.net
1    212.36.83.246 (None, )

ASN- ()
a.vidoomy.com
5    3.75.149.24 (None, )

ASN- ()
optimized-by.rubiconproject.com
2    2a05:d018:1914:d700:cc0:d4c3:f0a9:6185 (None, )

ASN- ()
4cywq-eqnre.ads.tremorhub.com
1    23.35.236.201 (None, )

ASN- ()
vpaid.pubmatic.com
2    54.77.210.46 (None, )

ASN- ()
vid.springserve.com
2    2a02:26f0:3500:11::215:14d8 (None, )

ASN- ()
cdn.stickyadstv.com
1    85.184.96.28 (None, )

ASN- ()
www.unibet.com
1    18.134.84.23 (None, )

ASN- ()
1f2e7.v.fwmrm.net
3    52.209.222.107 (None, )

ASN- ()
match.prod.bidr.io
2    52.46.155.104 (None, )

ASN- ()
s.amazon-adsystem.com
Apex Domain
Subdomains		 Transfer
143 googlesyndication.com
48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
ade.googlesyndication.com
1005 KB
91 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
ad.doubleclick.net — Cisco Umbrella Rank: 163
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594
pubads.g.doubleclick.net — Cisco Umbrella Rank: 415
bid.g.doubleclick.net — Cisco Umbrella Rank: 917
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 126874
632 KB
65 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
1 MB
44 colunadofla.com
colunadofla.com
2 MB
35 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1004
static.adsafeprotected.com — Cisco Umbrella Rank: 721
dt.adsafeprotected.com — Cisco Umbrella Rank: 719
320 KB
24 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 562
cdn.stickyadstv.com
241 KB
21 attentionxyz.com
attentionxyz.com — Cisco Umbrella Rank: 11040
api.attentionxyz.com — Cisco Umbrella Rank: 11463
135 KB
20 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2616
www.google.com — Cisco Umbrella Rank: 2
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
adservice.google.com — Cisco Umbrella Rank: 98
70 KB
17 gstatic.com
www.gstatic.com
csi.gstatic.com
fonts.gstatic.com
156 KB
17 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520
eus.rubiconproject.com — Cisco Umbrella Rank: 579
token.rubiconproject.com — Cisco Umbrella Rank: 477
pixel.rubiconproject.com
optimized-by.rubiconproject.com
19 KB
14 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
10 KB
14 tailtarget.com
tags.t.tailtarget.com — Cisco Umbrella Rank: 77191
d.tailtarget.com — Cisco Umbrella Rank: 85710
tt-9964-3.seg.t.tailtarget.com — Cisco Umbrella Rank: 276136
b.t.tailtarget.com — Cisco Umbrella Rank: 67257
tt-11382-4.seg.t.tailtarget.com — Cisco Umbrella Rank: 325408
t.tailtarget.com — Cisco Umbrella Rank: 22918
cm.t.tailtarget.com — Cisco Umbrella Rank: 28285
45 KB
14 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
1 MB
11 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1533
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669
3 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 410
207 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
9 KB
9 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
585 KB
8 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 38309
hal900027.redintelligence.net — Cisco Umbrella Rank: 220470
57 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 747
t.clarity.ms — Cisco Umbrella Rank: 6984
c.clarity.ms — Cisco Umbrella Rank: 1351
28 KB
8 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 485
fonts.googleapis.com — Cisco Umbrella Rank: 28
505 KB
6 zemanta.com
b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 20340
b1-eudc1.zemanta.com — Cisco Umbrella Rank: 25373
b1sync.zemanta.com
2 KB
5 vidoomy.com
ads.vidoomy.com
vpaid.vidoomy.com
ad.vidoomy.com
a.vidoomy.com
109 KB
5 nsmedia-advertising.com
info.nsmedia-advertising.com
c.nsmedia-advertising.com
3 KB
5 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4149
onesignal.com — Cisco Umbrella Rank: 1446
83 KB
4 openx.net
us-u.openx.net — Cisco Umbrella Rank: 524
vidoomy-d.openx.net
494 B
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
56 KB
4 webads.media
ad.webads.media
4 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 6518
778 B
3 bidr.io
match.prod.bidr.io
444 B
3 adform.net
c1.adform.net
adx.adform.net
2 KB
3 trickyrock.com
b1.trickyrock.com
3 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 28599
api.webgains.io — Cisco Umbrella Rank: 69568
19 KB
3 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 41332
652 B
3 outbrain.com
libs.outbrain.com — Cisco Umbrella Rank: 3362
widgets.outbrain.com — Cisco Umbrella Rank: 1933
9 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2029
21 KB
3 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 3925
28 KB
2 amazon-adsystem.com
s.amazon-adsystem.com
958 B
2 springserve.com
vid.springserve.com
3 KB
2 tremorhub.com
4cywq-eqnre.ads.tremorhub.com
981 B
2 googleadservices.com
www.googleadservices.com
2 retailads.net
cdn.retailads.net — Cisco Umbrella Rank: 193090
6 KB
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 423
374 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1376
326 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 177
3 KB
2 amazonaws.com
rtads.s3.sa-east-1.amazonaws.com
4funevyslk.execute-api.sa-east-1.amazonaws.com
22 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 707
499 B
2 juicebarads.com
tags.juicebarads.com
129 KB
1 fwmrm.net
1f2e7.v.fwmrm.net
599 B
1 unibet.com
www.unibet.com
1 pubmatic.com
vpaid.pubmatic.com
865 B
1 lkqd.net
v.lkqd.net
1 KB
1 stake.com
stake.com
1 stackadapt.com
sync.srv.stackadapt.com
1 KB
1 blismedia.com
tr.blismedia.com
174 B
1 quantserve.com
cms.quantserve.com
463 B
1 bidswitch.net
x.bidswitch.net
235 B
1 bwin.de
www.bwin.de
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 69384
438 B
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 55633
2 KB
1 futalis.de
futalis.de — Cisco Umbrella Rank: 336285
401 B
1 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 148117
923 B
1 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
125 B
1 outbrainimg.com
zem.outbrainimg.com — Cisco Umbrella Rank: 3835
14 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 727
574 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 247
764 B
1 creativecdn.com
prebid-us.creativecdn.com — Cisco Umbrella Rank: 8648
178 B
1 denakop.com
tags.denakop.com — Cisco Umbrella Rank: 207778
101 KB
1 google.pt
www.google.pt — Cisco Umbrella Rank: 13270
408 B
1 nsn-server.xyz
scripts.nsn-server.xyz — Cisco Umbrella Rank: 424539
163 KB
1 sofascore.com
www.sofascore.com — Cisco Umbrella Rank: 99536
1 colunadofla.com.br
colunadofla.com.br
245 B
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
642 73
Domain Requested by
65 s0.2mdn.net colunadofla.com
s0.2mdn.net
imasdk.googleapis.com
48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
65 pagead2.googlesyndication.com securepubads.g.doubleclick.net
colunadofla.com
48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
www.googletagservices.com
imasdk.googleapis.com
fw.adsafeprotected.com
63 tpc.googlesyndication.com securepubads.g.doubleclick.net
colunadofla.com
48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
www.gstatic.com
44 colunadofla.com colunadofla.com
29 cm.g.doubleclick.net 18 redirects googleads.g.doubleclick.net
48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
24 dt.adsafeprotected.com 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
23 googleads.g.doubleclick.net www.googletagmanager.com
48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
pagead2.googlesyndication.com
colunadofla.com
22 ads.stickyadstv.com 9 redirects googleads.g.doubleclick.net
vpaid.vidoomy.com
cdn.stickyadstv.com
20 api.attentionxyz.com attentionxyz.com
18 securepubads.g.doubleclick.net 1 redirects colunadofla.com
securepubads.g.doubleclick.net
14 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
14 www.googletagmanager.com colunadofla.com
www.googletagmanager.com
tags.juicebarads.com
tags.t.tailtarget.com
adv.office-partner.de
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 ib.adnxs.com 5 redirects tags.denakop.com
googleads.g.doubleclick.net
10 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
9 ad.doubleclick.net colunadofla.com
48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
9 www.googletagservices.com 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
colunadofla.com
9 prg.smartadserver.com tags.denakop.com
9 fundingchoicesmessages.google.com tags.juicebarads.com
8 www.gstatic.com colunadofla.com
48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
8 fastlane.rubiconproject.com tags.denakop.com
7 www.google.com 1 redirects colunadofla.com
tpc.googlesyndication.com
6 fonts.gstatic.com fonts.googleapis.com
6 fw.adsafeprotected.com 3 redirects colunadofla.com
48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
5 optimized-by.rubiconproject.com vpaid.vidoomy.com
5 ade.googlesyndication.com
5 fonts.googleapis.com 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
colunadofla.com
securepubads.g.doubleclick.net
hal900027.redintelligence.net
5 static.adsafeprotected.com 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
4 c.nsmedia-advertising.com scripts.nsn-server.xyz
4 hal900027.redintelligence.net 1 redirects 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
hal900027.redintelligence.net
4 hal9000.redintelligence.net 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
hal900027.redintelligence.net
4 googleads4.g.doubleclick.net colunadofla.com
4 cdnjs.cloudflare.com s0.2mdn.net
4 b.t.tailtarget.com d.tailtarget.com
4 t.clarity.ms www.clarity.ms
vpaid.vidoomy.com
4 ad.webads.media colunadofla.com
ad.webads.media
4 www.google.de colunadofla.com
3 match.prod.bidr.io 1 redirects
3 b1.trickyrock.com 2 redirects c.nsmedia-advertising.com
3 pv.medialead.de hal900027.redintelligence.net
3 b1t-eudc1.zemanta.com
3 csi.gstatic.com imasdk.googleapis.com
3 pubads.g.doubleclick.net imasdk.googleapis.com
3 onesignal.com cdn.onesignal.com
3 imasdk.googleapis.com colunadofla.com
tags.juicebarads.com
imasdk.googleapis.com
3 region1.analytics.google.com www.googletagmanager.com
3 static.addtoany.com colunadofla.com
static.addtoany.com
2 s.amazon-adsystem.com
2 cdn.stickyadstv.com vpaid.vidoomy.com
cdn.stickyadstv.com
2 vidoomy-d.openx.net 1 redirects
2 vid.springserve.com vpaid.vidoomy.com
2 4cywq-eqnre.ads.tremorhub.com 1 redirects
2 ad.vidoomy.com vpaid.vidoomy.com
2 www.googleadservices.com
2 b1sync.zemanta.com 2 redirects
2 c1.adform.net 2 redirects
2 api.webgains.io analytics.webgains.io
2 5994599.fls.doubleclick.net 1 redirects 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
2 cdn.retailads.net 1 redirects futalis.de
2 rtb-csync.smartadserver.com googleads.g.doubleclick.net
2 eus.rubiconproject.com tags.denakop.com
eus.rubiconproject.com
2 gum.criteo.com tags.denakop.com
2 libs.outbrain.com tpc.googlesyndication.com
libs.outbrain.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 t.tailtarget.com
2 tt-9964-3.seg.t.tailtarget.com d.tailtarget.com
2 sb.scorecardresearch.com colunadofla.com
2 d.tailtarget.com colunadofla.com
d.tailtarget.com
2 c.clarity.ms 1 redirects
2 onetag-sys.com tags.denakop.com
2 tags.t.tailtarget.com colunadofla.com
2 www.clarity.ms colunadofla.com
www.clarity.ms
2 tags.juicebarads.com colunadofla.com
tags.juicebarads.com
2 cdn.onesignal.com colunadofla.com
cdn.onesignal.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 1f2e7.v.fwmrm.net 1 redirects
1 www.unibet.com c.nsmedia-advertising.com
1 vpaid.pubmatic.com vpaid.vidoomy.com
1 adx.adform.net vpaid.vidoomy.com
1 a.vidoomy.com vpaid.vidoomy.com
1 v.lkqd.net vpaid.vidoomy.com
1 stake.com c.nsmedia-advertising.com
1 sync.srv.stackadapt.com 1 redirects
1 tr.blismedia.com 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
1 cms.quantserve.com 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
1 pixel.rubiconproject.com
1 x.bidswitch.net
1 vpaid.vidoomy.com ads.vidoomy.com
1 ads.vidoomy.com tags.juicebarads.com
1 www.bwin.de c.nsmedia-advertising.com
1 info.nsmedia-advertising.com scripts.nsn-server.xyz
1 adservice.google.com 5994599.fls.doubleclick.net
1 cdn.track.production.webgains.team 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
1 analytics.webgains.io track.webgains.com
1 track.webgains.com colunadofla.com
1 futalis.de hal900027.redintelligence.net
1 adv.office-partner.de hal900027.redintelligence.net
1 ups.analytics.yahoo.com googleads.g.doubleclick.net
1 token.rubiconproject.com eus.rubiconproject.com
1 b1-eudc1.zemanta.com
1 widgets.outbrain.com
1 zem.outbrainimg.com
1 cm.t.tailtarget.com
1 www.facebook.com
1 bid.g.doubleclick.net 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
1 tags.bluekai.com 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
1 4funevyslk.execute-api.sa-east-1.amazonaws.com rtads.s3.sa-east-1.amazonaws.com
1 tt-11382-4.seg.t.tailtarget.com d.tailtarget.com
1 attentionxyz.com s0.2mdn.net
1 rtads.s3.sa-east-1.amazonaws.com colunadofla.com
1 c.bing.com 1 redirects
1 prebid-us.creativecdn.com tags.denakop.com
1 region1.google-analytics.com www.googletagmanager.com
1 tags.denakop.com tags.juicebarads.com
1 www.google.pt colunadofla.com
1 scripts.nsn-server.xyz www.googletagmanager.com
1 www.sofascore.com colunadofla.com
1 colunadofla.com.br 1 redirects
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
642 121

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.instagram.com
facebook.com
www.youtube.com
youtube.com
instagram.com
www.facebook.com
wa.me
Subject Issuer Validity Valid
www.colunadofla.com
Sectigo RSA Domain Validation Secure Server CA		 2023-08-25 -
2024-08-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
static.addtoany.com
E1		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
sofascore.com
Cloudflare Inc ECC CA-3		 2023-07-24 -
2024-07-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-02		 a year crt.sh
www.tags.juicebarads.com
Sectigo RSA Domain Validation Secure Server CA		 2023-08-10 -
2024-08-11		 a year crt.sh
ad.webads.media
R3		 2024-01-14 -
2024-04-13		 3 months crt.sh
scripts.nsn-server.xyz
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google.pt
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
onesignal.com
E1		 2023-12-25 -
2024-03-24		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh
denakop.com
Cloudflare Inc ECC CA-3		 2024-01-17 -
2024-12-31		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-08-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-17 -
2025-01-16		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.s3-sa-east-1.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-06		 9 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
attentionxyz.com
Amazon RSA 2048 M02		 2023-04-18 -
2024-05-17		 a year crt.sh
api.attentionxyz.com
GTS CA 1D4		 2024-01-16 -
2024-04-15		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.execute-api.sa-east-1.amazonaws.com
Amazon RSA 2048 M02		 2023-09-30 -
2024-10-28		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
teads.tv
R3		 2024-01-22 -
2024-04-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-31 -
2024-01-29		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
*.outbrainimg.com
R3		 2023-11-28 -
2024-02-26		 3 months crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-16 -
2024-09-05		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
redintelligence.net
R3		 2023-12-13 -
2024-03-12		 3 months crt.sh
adv.office-partner.de
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
pv.medialead.de
R3		 2023-12-04 -
2024-03-03		 3 months crt.sh
*.futalis.de
R3		 2023-12-12 -
2024-03-11		 3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
*.webgains.io
Amazon RSA 2048 M01		 2023-07-24 -
2024-08-22		 a year crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M03		 2023-08-30 -
2024-09-27		 a year crt.sh
cdn.retailads.net
Encryption Everywhere DV TLS CA - G2		 2023-05-18 -
2024-05-17		 a year crt.sh
nsmedia-advertising.com
GTS CA 1P5		 2024-01-15 -
2024-04-14		 3 months crt.sh
affiliates.kindredplc.com
Trustwave Organization Validation SHA256 CA, Level 1		 2023-08-17 -
2024-08-16		 a year crt.sh
*.bwin.de
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-31 -
2024-08-27		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-10-06		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-12-02 -
2024-03-01		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
stake.com
E1		 2023-11-28 -
2024-02-26		 3 months crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.lkqd.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-10 -
2024-07-20		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.springserve.com
Amazon RSA 2048 M01		 2023-08-02 -
2024-08-30		 a year crt.sh
cdn.stickyadstv.com
R3		 2024-01-03 -
2024-04-02		 3 months crt.sh
unibet.com
R3		 2024-01-05 -
2024-04-04		 3 months crt.sh

This page contains 66 frames:

Primary Page: https://colunadofla.com/
Frame ID: B1BADCC84DA02D776F23901B774C28E3
Requests: 203 HTTP requests in this frame

Frame: https://ad.webads.media/deliver/pixel/6f5a0f84a967110
Frame ID: 2FF43AB0430666375DF6AD47C78C2FB5
Requests: 4 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: 9A2C999C220D354A7E9AA5E3D4B76A83
Requests: 1 HTTP requests in this frame

Frame: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AEE82A30BD850C68EB532FFFC7A18061
Requests: 1 HTTP requests in this frame

Frame: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4C61A2F328FF09EEEEA6FC59FE36D8C0
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOfqm4MCMAE&v=APEucNWoCOc-1Ypt0A8z2DVg8vgiUbqGl4CMidatCxAKgUXt1O2x9m0lYXQ0pXpa03CvTNWwEKHnUzSwNSRorBjmCzGvEmFHSQXIlYQd88nhzuC8IADaj6K5qa6T_lBkA0QWm3v39FusauE5f6LeGXek68BuNRKROkQcR1fUB7n2UFd3AaevjEHPu3pEhnxLNLgd50TymQyaL2BrkzSEShWC1-kvwSv6Gg
Frame ID: 582E567B4AEB979DDD9D097B9FE4F526
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2FE0C9264CB484F408BB8AA900FB3BE2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EBAEA1FD749B14581B5F23A9FBF99BBD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 55047D8C1FAF0A7263AD6A00588FED64
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Frame ID: 8B435C1ADCE2354A5A94D5FC4D5B77CA
Requests: 24 HTTP requests in this frame

Frame: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E7D89ACFEBB369D7F012DCDE5ED3A65E
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPSu1YACMAE&v=APEucNW10CsB7QH798PUaD3kSWAw1_nBZg6soVSIhsscEfUI8e1vVcItBWybvRrokhjRoAgkLijJhDN_FBlOuImOWbcN7bIvBzJxTqyBpbhGPNBTeNFAc9QSn6cKRY_cF7sy-2R6UnZ_Yoo07WoS4NOT8hfOsruoK-hmYLvaJu3yE7xSSpbE2SjzBCOMB6U19Tka1LW9pROhUfRhiNRgYUQHfX9GkGmBqw
Frame ID: 5F1D6CC9CC637DC62D2F9F41991EEE64
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E3A7078206FD22B797638AF7396EE87C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Frame ID: 49C2F78926D9F23B429D8D053F96F3CB
Requests: 16 HTTP requests in this frame

Frame: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DA11ABF00D28AB12766436672F5D2922
Requests: 13 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 4E370F46DE1E358212D2336FEA739F0F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARijme6CAjAB&v=APEucNVkabyECYbA6t9BUbMZmZ845RHEkTdyMvoqp36Q9GQ2elL6LCAadIY9fe0wLU3pSsQTkd6UoMEHpXME6TECmatFY-CzIU3OP6CBOjFwOJeZ_pOLSj9MdXiFisMgA3tng3ZAshOlSa5j6cQCwlTSVCjCi9R2QXyrkXXLkSCH1RacdZVA5-OT2TFFTeOJYwGTZejh4VZD4mQduqW_lYGhOrDVsFxIKQ
Frame ID: 0A049007B4E24B375FBD13FD180AD674
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5BBD45CC1459ED45C48F26D116E60557
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3246924247423529428/300x250.html?e=69&leftOffset=0&topOffset=0&c=mDasyO7XEQ&t=1&renderingType=2&ev=01_250
Frame ID: E0481986D2D5C0FF89920F312A68B4DE
Requests: 11 HTTP requests in this frame

Frame: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B57D01EF75279E107AD7372575988CEB
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNXVg3LYZgPVINqBaRx-AmFvRUIipjNHVUrzjAgu27R2e3xr3YiqnlIsTnIWiaB89sA_jERKYHZDrcbm96KPPIrmSjwikuqj_IwiNUBMVDFfA4iAUlhvSXPUUWrGUGyxn2aF8Bv4KlEAe0O0n4usiP9ocnJipjAvHDq-Q2H5ods59nqB84_jhQte43AMIEblBBZjg1YBvhRIPSudGsMt1ZqSzZeqpg
Frame ID: 96E19F9DA18050D8AAAC4ECADBD6F50D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Frame ID: ADC03056781217564C83B78BB988293D
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14153027799838875023/300%20x%20250_NEW/_export/index.html?ev=01_250
Frame ID: B009191FD68B599A30A4C589016745EB
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 97E6953BB374D572528040722FB01395
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html
Frame ID: 2A88A3C55C26664C13BEC4393F63CE66
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 630B90466F9DB42173DDC9678BEE6B0A
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: DAF3EA431F8E4C290BFE60740E2E7A38
Requests: 1 HTTP requests in this frame

Frame: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5422F3C50177498F6EB917A29275537A
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjPlIz8ATAB&v=APEucNXx0i22ejfWOMZBF5hldoSSbSRmcJkYYn3VBauFyoE8JCKgYGnJOrtKmKaZuUddEKgikfg2nPdwWvXJBgMwKZui-zvQsh__wJFQgi_oKLfEeYADQOX2tFNq8U_Q1mu1o0NmZF69hokqMPGa_LIOmOcScexsSMkxAKEPHx2aYVIbouGYqhMjgfdpSb1FC5W3ixnM0QHr2fwi9BDelpuNPIWSJcZugQ
Frame ID: 3A2F53DDF35504252E9FFD48A8915249
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 17439D4E1506CA0250034572805198AE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 96A79F9881822345733F430B5EB2A8C6
Requests: 3 HTTP requests in this frame

Frame: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6F6398A9E8ABCBE893A1A6301686A9E0
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: BB6301C86B69D7EA1E4E589FCC480FCB
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8D963A1B4E2E05A6270FB4CA7192D5D4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/loader21.html?https://libs.outbrain.com/video/vpaid/vpaid.js
Frame ID: 81BD6078318B04F54A49CC8A7F0515A6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: F1DA02689A23BEC14F8E6A0D6545A668
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9304040020665618056/EMEA-DEU_XA-09_0_970x90_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/index.html?ev=01_250
Frame ID: F7156D1955346FDD0D7FE7E38B74C2F4
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs
Frame ID: 9573561E01ACD3C1CE44EE08AF4B521C
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs
Frame ID: 2BF51F54760BAE313F29D492462265D6
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4C5A2938FBA7AEC850E98902F076A58C
Requests: 3 HTTP requests in this frame

Frame: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 304F72F97399ECAC4673EFACADAD8F00
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWv3tkSH29UTXrBLqTIflW9mT_5w_TCBI1EzryL6lJnYVB2HFXsUSLdQTqkAgXpMGt3zQDK1Z03YjLwtigLW3iDsCWSnQl3mPUrlekZ0Av--jMxStUMENJkL_8TZq3D1rQ4P8lsNK-Q3yWDppgqiDKzeqRcQUyJjZ5ODW-ETt_p23kMiR2NbyCrkec5gVdGbAMjVnZBSLAuVMnnLULyEiBrgE09Bw
Frame ID: 541D0D70721822070161168BF5D2FABF
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D84ADDD0B0D3A0AE33252EC35F5D9FA1
Requests: 3 HTTP requests in this frame

Frame: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B00DA8D379915C36D60EDB90EF045860
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEYxIHIgQIwAQ&v=APEucNXWEhvtUoEpQaAsiPtM7ohxSXeBjj1blPVt_XOStS8q3WRrEYDGepcbgFOL78cqLZW7U6BarOnz-F28IW5F8jiCtmtOZclG2YAJ1jdX6WryOIop37N-HbROifvh7BqKQGw6Aygfs-4E6LEaTMel0KjlsCcoCBzq-s0zeoMouMwUh4rdfIHV3EM5nAKppuDK-kTrPdpA_Q1Fc5Cej31wG-u1IgIkEA
Frame ID: 750DA31D9FBA36E5FD7AF4C196AE1560
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 53BEA65E0E6B675105391DCA53146301
Requests: 3 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 4A0106D427D4D5229B7BD85BCA41105A
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=48099500138177804444994012577027&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 1419DDCB704F5A4881EBFD01B5323D3B
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3480009841
Frame ID: A00343A0ECFDEC75A0FB28A77D108A7E
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMrhlLyy8YMDFR1LHgIdawYGLw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5507977492695.828
Frame ID: 4952E02CD621C4F888DE505E7A83C16E
Requests: 2 HTTP requests in this frame

Frame: https://hal900027.redintelligence.net/request_content.php?s=48099500138177804444994012577027&a=626c46bc
Frame ID: 91A33CFB5C1E89B6B6B23080D6B9FF88
Requests: 8 HTTP requests in this frame

Frame: https://c.nsmedia-advertising.com/unibet-32red/DE?l=59046d39-36f5-40b4-82f9-7c31f54eee01&token=512f9a0d-02bf-4d7f-b151-46f4e52f51af&country=DE&region=undefined&ref=&path=aHR0cHM6Ly9jb2x1bmFkb2ZsYS5jb20v&url=aHR0cHM6Ly9iMS50cmlja3lyb2NrLmNvbS9yZWRpcmVjdC5hc3B4P3BpZD03NDQ0NDAyMSZiaWQ9MzQ2NjQ=
Frame ID: 9CF93B5C625717C84C3C1CEDDD666BF4
Requests: 1 HTTP requests in this frame

Frame: https://b1.trickyrock.com/btag=81765197_35BBC6679B4D40E3A84416FDB0255F3D
Frame ID: 3079FC22B9D2C88E88AEBEFDB5D033A2
Requests: 1 HTTP requests in this frame

Frame: https://c.nsmedia-advertising.com/entain-bwin-de/DE?l=239cff6f-3b7d-4c69-a210-880bf0602ea4&token=512f9a0d-02bf-4d7f-b151-46f4e52f51af&country=DE&region=undefined&ref=&path=aHR0cHM6Ly9jb2x1bmFkb2ZsYS5jb20v&url=aHR0cHM6Ly93d3cuYndpbi5kZS9lbi9tb2JpbGVwb3J0YWwvY29udGFjdD93bT01MzIyOTM3
Frame ID: B995B13109819AFC8C297F4567632F69
Requests: 1 HTTP requests in this frame

Frame: https://www.bwin.de/en/mobileportal/contact?wm=5322937
Frame ID: 58E3195B8A0B8D3D5C8320C3B64E9529
Requests: 1 HTTP requests in this frame

Frame: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 91BBBB2C7836EA201BC71AF1FEB9FA91
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Frame ID: 2D5901F025C36EDA1B3D44B7FF3E1376
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/index.html
Frame ID: 7C52BBC8012A624AB8A83BC09288F451
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8D468BEB2F1E62BE02E6577AC29ADAFB
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: D99D7F1F24B129C858184F56E8DBE775
Requests: 1 HTTP requests in this frame

Frame: https://c.nsmedia-advertising.com/stakecom/DE?l=91415f86-0c2d-45ad-98fb-f81df7f55862&token=512f9a0d-02bf-4d7f-b151-46f4e52f51af&country=DE&region=undefined&ref=&path=aHR0cHM6Ly9jb2x1bmFkb2ZsYS5jb20v&url=aHR0cHM6Ly9zdGFrZS5jb20vP2M9NmRhY2FjMzdmYw==
Frame ID: E12F889AEDB1BAC8DF5A83C53A2642F6
Requests: 1 HTTP requests in this frame

Frame: https://stake.com/?c=6dacac37fc
Frame ID: 78DDE47F4CED08742AE40B8693BB5E3E
Requests: 1 HTTP requests in this frame

Frame: https://c.nsmedia-advertising.com/unibet-32red/DE?l=aefbab6b-ab68-4aa8-a4e1-e71c61963eac&token=512f9a0d-02bf-4d7f-b151-46f4e52f51af&country=DE&region=undefined&ref=&path=aHR0cHM6Ly9jb2x1bmFkb2ZsYS5jb20v&url=aHR0cHM6Ly9iMS50cmlja3lyb2NrLmNvbS9yZWRpcmVjdC5hc3B4P3BpZD03NDQ0NDAyMSZiaWQ9MjE3NzU=
Frame ID: 56863BA07A905F47956A6B5390696502
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 3CF3C08B261084F2DFA1DBDDCDF1A555
Requests: 4 HTTP requests in this frame

Frame: https://www.unibet.com/stan/campaign.do?cmpId=2582340&affiliateId=1&unibetTarget=/eng-int/sportsbook/multi-sports/index.html&targetDomain=https://welcome.unibet.com&btag=81765197_5AC82A9B681E4F25AB212B63ECFDF86D&affiliateId=1&pid=74444021&bid=21775
Frame ID: D3DED422BB82E849DC005B34FD296715
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 54122F2B56319AA2CE88CCE94E7D77BE
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Flamengo | Notícias, jogos e vídeos

Page URL History Show full URLs

  1. http://colunadofla.com.br/ HTTP 301
    https://colunadofla.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

642
Requests

92 %
HTTPS

40 %
IPv6

73
Domains

121
Subdomains

104
IPs

12
Countries

9585 kB
Transfer

23018 kB
Size

63
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://colunadofla.com.br/ HTTP 301
    https://colunadofla.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 119
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CE77C39BDACB4A558FC17015DA3FA71C&RedC=c.clarity.ms&MXFR=232419580EBE6C1C39090D560ABE629B HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CE77C39BDACB4A558FC17015DA3FA71C&MUID=0D74168E42E26CD418090280434E6D3F
Request Chain 154
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1&C=1
Request Chain 155
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za6U4ZN7oIWYpN0MSEQ1kAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
Request Chain 156
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIcvZB41U-A7JknQjC4Xb7M&google_cver=1
Request Chain 157
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2NDE4MTQ3NDcxMjczOTk0
Request Chain 216
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
Request Chain 217
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za6U4ZN7oIWYpN0MSEQ1kAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
Request Chain 218
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIcvZB41U-A7JknQjC4Xb7M&google_cver=1
Request Chain 219
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2NDE4MTQ3NDcxMjczOTk0
Request Chain 256
  • https://fw.adsafeprotected.com/rfw/st/1874223/77019481/4.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-8170966538152543&ias_chanId=1&ias_placementId=20839934288&bidurl=https://colunadofla.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jcRkIUqPk6oUO8UzGAB1FY&adContainerId=brand_safety_4pSuZe3SEcnpx_APlu-YwA8&cbFunctionName=goog_wrapCb_4pSuZe3SEcnpx_APlu-YwA8&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fcolunadofla.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fcolunadofla.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e6e6cb43-d112-5d96-5a03-45b5fbae2e9d,c:22ZZYF,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7b546d5668-bklws,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:u26PcEG+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C19%7C1a*.1874223-77019481%7C1a1%7C1a2%7C1a3%7C1b,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:12,oid:9c7e7577-b941-11ee-895b-e2c57465a59f,v:19.8.473,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_4pSuZe3SEcnpx_APlu-YwA8&cbFunctionName=goog_wrapCb_4pSuZe3SEcnpx_APlu-YwA8&true_pb=
Request Chain 275
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
Request Chain 276
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za6U4ZN7oIWYpN0MSEQ1kAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
Request Chain 277
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIcvZB41U-A7JknQjC4Xb7M&google_cver=1
Request Chain 278
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2NDE4MTQ3NDcxMjczOTk0
Request Chain 296
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
Request Chain 297
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za6U4ZN7oIWYpN0MSEQ1kAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
Request Chain 298
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIcvZB41U-A7JknQjC4Xb7M&google_cver=1
Request Chain 299
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2NDE4MTQ3NDcxMjczOTk0
Request Chain 323
  • https://fw.adsafeprotected.com/rfw/st/1350098/69352127/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015282671&ias_pubId=pub-8170966538152543&ias_chanId=1&ias_placementId=20884453817&bidurl=https://colunadofla.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h2Fxzks1FKGQ6QNc8lo01K&adContainerId=brand_safety_4pSuZdHiOprKx_AP08ScmAg&cbFunctionName=goog_wrapCb_4pSuZdHiOprKx_AP08ScmAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fcolunadofla.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fcolunadofla.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:25b9d9e9-1d95-accb-ba98-1e1a95dac902,c:23007p,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7b546d5668-vcwnn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:u26PcNj+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1a311%7C1b*.1350098-69352127%7C1b1%7C1b2%7C1b3%7C1c%7C1d,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:18,oid:9cd806a1-b941-11ee-818e-6eee89d3d0e8,v:19.8.473,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_4pSuZdHiOprKx_AP08ScmAg&cbFunctionName=goog_wrapCb_4pSuZdHiOprKx_AP08ScmAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Request Chain 350
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECqC4sGok-8c3ONfxFpLRHI&google_cver=1
Request Chain 352
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEOyEfaKH1WAzjE5uXpLbAPc&google_cver=1
Request Chain 358
  • https://fw.adsafeprotected.com/rfw/bgd/1474271/76103297/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-CveTb4HALS97R_G6Dg4fdl8iowPcxjdD4fy4o-PdUoIDdtRWfNP7utTKzETqYByavJ2XxG7EnLKIywom1VqIC_m8FFxT1umBgdsnn6UkHLRhlYRC_ojqVL8pMhS9KvLJ7S-a7mDgRSuzAxx02V-jIWMan12ug7KxypuReI4NvAf-PXf8ISiRcAoCZ_4Nrloz5rYi7fVq7qZTzxKYic4a0wBFM9IqL0atxqz0_zg8IFDlvMxT2wjMCksPAVLqUdpfZWEO8h1MfnLfjSrd2tsO6C2bQvcDnJr5WcInGmR90YL324gTYwJc7tCCroOdm805nL1zqvXRU_Mp0s-GqvFUMlNSgafb5FRej7SYWQSZLxmGov712KClRKjISTU01zqSYvShL2pRR8fUHY1x0HmBc10jw9nKUULLjUiOmOpnrbDxwXHufd9VIKvdGwO0ib_IJsD_JL9aozJfb-Ti8uC9GeY-QZ8wFPYwBEf784ZruOvuvDHR0wTmauw2xvo_HyReLY0iDEPeHcE57F0kyEU4P43vfkmw4dxb_CbmCa6B09GbOPY00r9c3ArXVwteenXugMiKq5OVo5xM2Bu_LT59LNSgnja0RvnXXHLqBtS5LK7gLNjtQIqz5aNJknyXKvgHYnEF2TLpdFfjuVLjbWBBFfJQaU-PL1Baz4qYaYmKSYicJZCvSyWjEemWKBxOaquub4UnjxUSSHtHhqq7GTYWpzEbg3a23ry1lMYJ42hd122q-MA9_erzH2ufczRRYhM4QAqguQe7uDeCrprDO5U8q_IPuxZlSZFgGPDW8Va4M8TswzMqqGAv9JDhN8h4oNTJoKf3U3-0nk5KUAgvMLipYPXaM7Zj1fVjmBsztH1yH9WzER5n-tSNYIbsKD6fvKhlkqsrjj1oglb_6uGkztmUgNdZmdK-43sP5dfBO31h9nbFbXSjVtta2KH9JPvHsVsp5bO080qj7PRQY7xuZa6FuByO4Ddim5UizqFqsqXwKWITzpWLaUXkxASyKwD7Eo6X_8Bz74JNliWg19EnTJyEcRPsh48SphLYFbLncYUw67Tpl_XTz8unX-IRMvyoset8FZ7p4dPPQCt9x-BzaiYaFFkQM70kS2N68w5uzn0YL5aiP2zOqxRJiEOzmIre1zR3Y5mNwnBCLctgHQzq_xl9P47anAoDHzz8OcFn718_LjVWIH141hP8LOvObrI1-jMsrX6v47tFt6ea_YDYEt02sfKL-vs_3xTqYG1S817CI-oJ-o1c1KvRGLh-4q7uPqjzTqkTH7UB9p-UQ9g4MmvzAKZV4dMwxj22qVmDAnkXp6zsOgL14PsnUXM7v1JhhH578MnpLauLIUHkS_AAXXXNDSA1jsGPNeYrA6AE0JvFASRSWOsLldmSJPDrgpn8sTUJgBesC7hS-xKvNk-RofNkzkCKCrskRnN6DyEPdxE8bDhXqgnerh18hOpvfq3lhBxU6t0qiUEUl051Bxbh-cHAwiDiAXBohjlJSczxLo3vdoI_iDmIojaAAKiGfRul1D7kOHOQkEobMiouF-VvQEo3ziHjsP4qI7NVU64xE1IPhX7fgPEbdY4rF7EgvFhhm6grdczUegrkwGqoGw0RLgm2uHCYcdgzTpgYRTnS2gU8qm_G3W5Ddf1LgTzKZbpXEoWk4Ofub0xRB-NqciAPU73OqFvEjhpxUdEGwSyWVPNu1sQxFF3rYfLyq6_Kr9Cf964153m5TSNaSLEnE8bAeOjVfJIXQBkQwg59er0-p5UYfuprBgEPviPBZwGNCao34PNfO0Jv9LntWsStQYTaIyZNKd6SyJe8z1y1RbWibxqCgrWFXiSAG9i0vaqQ_Tfwp33UP5l2y3rsfKWbsKasNPLhxc5BSV2pt-DIqC0VifhztMntqbz9NVnZGa5NJmNpkXh3yrNwgqUM_zmdcX21LLeM-HkGfQJ9wgJV1C39NNRosaVf68w9-5VfriOPw8gAUMcm-rd4_TbveXght8ky-Kc75RcAv-hQ-ZtLJ0MxMLqBzPuH0uMYEsDVCoU7hmrr4LMEAF4XxW4fZuLjY6KSPLrJTbBABg4JHQHW-s7J7jZ6wVZV7yVyLCCx1rKXKhL2weLkkm3M5-GjqPztKQaAxjF_bRmNiqrMaej5D_GEXkbvY7Qyd6flDaMLI5NxPDGIlFXIJMsTZ7UYbt00HHWYJwKCzd5BSwmVAWoKdLiOHoHqRkkHD6ZwhOjeKfDzlLxwZg-givGrYw9e7xYTLaqiGvatjGs-8hQGOuRNm7eIef7sYTZS5D7W7INW7yGFOgz1e2egWGNIYCYaahixVSeiiX1-bRrVn6gJijSr9Sz67AuhKaiATSQzPHFMe_8wibkkjZ4eEIWW_5WM7NTq4U8wxARZKOuieOczWTiOl_9DT38ItOX5uMDh54u8HstUkd7U6ygjGXiMEBxoAtbfUn8vbGQZfLlVd2bhwu0Kgdb5uv6Jnu_Z5e0FPT8y7xktg3SOtrTPd2Nm2t5QfR47x0L8wx0uyUybfJpwVLimLqWavdPWLgdcjV1iH-GvD5GfU7ULxcnX2HuNa8qohjK7aLXBOhIFpskZACF19nr3fvKW-qR8gxMxRa2VQdMTaIdzjCg8fIod2vG96U4YMEXEZYVeCz0tiKl7N2I1LcewYgOn8RHB7SudbhEOeShKUec7sRQOEbWk66MMdWNQfDnaWU6eupESj8Dy4GI-VmDmpTDXFDoZFFJaSk_-_HPhh52vlxE9fJCd-uo_uMokRVt8VWUN73zkQ05E5r140DN5LWMTwPqQpbjXLnruBVFA3DxAq2YkzzPELQ39-bdtjo2tjRh4dnbqNm-OM3BVUzfPD25cIRD6GY-4mgdqY4HhcAO59Mk_ZXH25I_2dF5X9WbFfudmKvPb_alTdQnGTFDPdB7dKXzV5h7ExJ6i3iH7y2dII4n5ytLdDDCzLRQGRTpK_fPsZg5q9xso7VCjoFAQDbxQQCKDOcxI3zoh8TV-yI34y6bGmFCAs6_GLfe8wbck3nuhYFmERAMEKJi7qB5Zsx5OSZhRAWWaJjPsKu8SDP2-muGcZAEjg0g_yS5XsXD39Kif3svOlSTzE2QFRJRsHbh1FBkm1AlaI8hadeTWQTtciJH-ZCf6kjYCfccLJ16m0Pdx8iiNTgp6bV7wROcU6S6tAGCTm1hpSZB4Xo2Wbqs9sVQyl-4BJfETm2BH0Q-on7HW-V9U0BfcnvOMe3mZfInmF7gwcrw8xX3G8gfDbTU1Sa7L3nhZhMPltrm9SsHMa3pf61h-mBFcf-5E9J5dPIAC2_v04_gT12obG2QsvXZpxKBQEHx4djH6-iOxsKwR0RI6JMKEG-MMzrADYz5zjBS3-fDeQCmSIaw__OkHNZ21bvM146ApjHEU78U3lnGTeZ1B1CdD2VIjSflGySfevN5_3d_nQjKEN3y0hB_S35QQHf8VF56urEqf3Ba-L5tfUS6IPvPBZKggFY8ZjOhAmSU5sUsc_Gi682TAMxgVcW64Y_KQDN6Qi5_TbKcchJC4VY-83x0LnA-bTNW2O9HT7aDIGDpv-LD0rxqUuBU9if3qlbXFwfvKRTu7JAe9RjOom15zYPi4pBXSeD0TzECrOzqpAesKJlV-tHJlp1KdDB0tAK0mw8C86desllM660izKlhvdleDfxQjB4pNby8CY9hcRve2W1OFVG32-E9TaSnLpi22_XrlSo2jKa0drqHMA-pdIi-mfHNes-mF8VWC-D7gInAVaVecyYzGZCNQmZZP-WLI_RxGnC51z4VzVoWdBO6oU0XCGRdLQyjZNgu5zTu7kA4A8EngHFLf9Y-YIudnwmVw7gefucIK3EOVf0pGouOcUzelszEPr5zzkJp4zFzAq7Dr91rAQBEx2kmxuab6uF31nn_Sd2bekkcOYSfC6rvBXS8KQnapvlx5zO9svglN4ieJSrgpjYTXlw3359jJgUPbM45TqK9ZztbM82NAejGl1XQz4MmeMK4Fc08ZdnK7xCRY0Dj_jkq5Wf74UvKN7JxP43FZRYjUR4R4FfHP_n1hwepP1wdKNYcmjcfZH_Uaq8K0nTtvGR3-dt3HG1IqKJD7j-itxAP8wmyW62o1tZ72edDU32GlUIBBJPAC8eF_-TgalCXVFDcN7N6VZtOFNzDMPvJ7f8XvFgs25H4BT-k0XwfrF9z9HnsJxGo-E9mYY5i9gbiUeXi6RS832Sf0V1gsxQKsHuOKdatRgBYAE&bundleId=&ias_dspID=3&ias_campId=1012200182&ias_pubId=pub-8170966538152543&ias_chanId=1&ias_placementId=20123185343&bidurl=https://colunadofla.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gp_7qIEEu_j0mI7XzmWMmQ&adsafe_url=https%3A%2F%2Fcolunadofla.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fcolunadofla.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:dcc17185-d318-4fed-4bef-e2516e11c71d,c:2300fn,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7b546d5668-c5bhg,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:u26PcVn+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1a31%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d1%7C1d2%7C1e*.1474271-76103297%7C1e1,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:13,oid:9d13fe61-b941-11ee-bc35-02b2dab6601e,v:19.8.473,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-CveTb4HALS97R_G6Dg4fdl8iowPcxjdD4fy4o-PdUoIDdtRWfNP7utTKzETqYByavJ2XxG7EnLKIywom1VqIC_m8FFxT1umBgdsnn6UkHLRhlYRC_ojqVL8pMhS9KvLJ7S-a7mDgRSuzAxx02V-jIWMan12ug7KxypuReI4NvAf-PXf8ISiRcAoCZ_4Nrloz5rYi7fVq7qZTzxKYic4a0wBFM9IqL0atxqz0_zg8IFDlvMxT2wjMCksPAVLqUdpfZWEO8h1MfnLfjSrd2tsO6C2bQvcDnJr5WcInGmR90YL324gTYwJc7tCCroOdm805nL1zqvXRU_Mp0s-GqvFUMlNSgafb5FRej7SYWQSZLxmGov712KClRKjISTU01zqSYvShL2pRR8fUHY1x0HmBc10jw9nKUULLjUiOmOpnrbDxwXHufd9VIKvdGwO0ib_IJsD_JL9aozJfb-Ti8uC9GeY-QZ8wFPYwBEf784ZruOvuvDHR0wTmauw2xvo_HyReLY0iDEPeHcE57F0kyEU4P43vfkmw4dxb_CbmCa6B09GbOPY00r9c3ArXVwteenXugMiKq5OVo5xM2Bu_LT59LNSgnja0RvnXXHLqBtS5LK7gLNjtQIqz5aNJknyXKvgHYnEF2TLpdFfjuVLjbWBBFfJQaU-PL1Baz4qYaYmKSYicJZCvSyWjEemWKBxOaquub4UnjxUSSHtHhqq7GTYWpzEbg3a23ry1lMYJ42hd122q-MA9_erzH2ufczRRYhM4QAqguQe7uDeCrprDO5U8q_IPuxZlSZFgGPDW8Va4M8TswzMqqGAv9JDhN8h4oNTJoKf3U3-0nk5KUAgvMLipYPXaM7Zj1fVjmBsztH1yH9WzER5n-tSNYIbsKD6fvKhlkqsrjj1oglb_6uGkztmUgNdZmdK-43sP5dfBO31h9nbFbXSjVtta2KH9JPvHsVsp5bO080qj7PRQY7xuZa6FuByO4Ddim5UizqFqsqXwKWITzpWLaUXkxASyKwD7Eo6X_8Bz74JNliWg19EnTJyEcRPsh48SphLYFbLncYUw67Tpl_XTz8unX-IRMvyoset8FZ7p4dPPQCt9x-BzaiYaFFkQM70kS2N68w5uzn0YL5aiP2zOqxRJiEOzmIre1zR3Y5mNwnBCLctgHQzq_xl9P47anAoDHzz8OcFn718_LjVWIH141hP8LOvObrI1-jMsrX6v47tFt6ea_YDYEt02sfKL-vs_3xTqYG1S817CI-oJ-o1c1KvRGLh-4q7uPqjzTqkTH7UB9p-UQ9g4MmvzAKZV4dMwxj22qVmDAnkXp6zsOgL14PsnUXM7v1JhhH578MnpLauLIUHkS_AAXXXNDSA1jsGPNeYrA6AE0JvFASRSWOsLldmSJPDrgpn8sTUJgBesC7hS-xKvNk-RofNkzkCKCrskRnN6DyEPdxE8bDhXqgnerh18hOpvfq3lhBxU6t0qiUEUl051Bxbh-cHAwiDiAXBohjlJSczxLo3vdoI_iDmIojaAAKiGfRul1D7kOHOQkEobMiouF-VvQEo3ziHjsP4qI7NVU64xE1IPhX7fgPEbdY4rF7EgvFhhm6grdczUegrkwGqoGw0RLgm2uHCYcdgzTpgYRTnS2gU8qm_G3W5Ddf1LgTzKZbpXEoWk4Ofub0xRB-NqciAPU73OqFvEjhpxUdEGwSyWVPNu1sQxFF3rYfLyq6_Kr9Cf964153m5TSNaSLEnE8bAeOjVfJIXQBkQwg59er0-p5UYfuprBgEPviPBZwGNCao34PNfO0Jv9LntWsStQYTaIyZNKd6SyJe8z1y1RbWibxqCgrWFXiSAG9i0vaqQ_Tfwp33UP5l2y3rsfKWbsKasNPLhxc5BSV2pt-DIqC0VifhztMntqbz9NVnZGa5NJmNpkXh3yrNwgqUM_zmdcX21LLeM-HkGfQJ9wgJV1C39NNRosaVf68w9-5VfriOPw8gAUMcm-rd4_TbveXght8ky-Kc75RcAv-hQ-ZtLJ0MxMLqBzPuH0uMYEsDVCoU7hmrr4LMEAF4XxW4fZuLjY6KSPLrJTbBABg4JHQHW-s7J7jZ6wVZV7yVyLCCx1rKXKhL2weLkkm3M5-GjqPztKQaAxjF_bRmNiqrMaej5D_GEXkbvY7Qyd6flDaMLI5NxPDGIlFXIJMsTZ7UYbt00HHWYJwKCzd5BSwmVAWoKdLiOHoHqRkkHD6ZwhOjeKfDzlLxwZg-givGrYw9e7xYTLaqiGvatjGs-8hQGOuRNm7eIef7sYTZS5D7W7INW7yGFOgz1e2egWGNIYCYaahixVSeiiX1-bRrVn6gJijSr9Sz67AuhKaiATSQzPHFMe_8wibkkjZ4eEIWW_5WM7NTq4U8wxARZKOuieOczWTiOl_9DT38ItOX5uMDh54u8HstUkd7U6ygjGXiMEBxoAtbfUn8vbGQZfLlVd2bhwu0Kgdb5uv6Jnu_Z5e0FPT8y7xktg3SOtrTPd2Nm2t5QfR47x0L8wx0uyUybfJpwVLimLqWavdPWLgdcjV1iH-GvD5GfU7ULxcnX2HuNa8qohjK7aLXBOhIFpskZACF19nr3fvKW-qR8gxMxRa2VQdMTaIdzjCg8fIod2vG96U4YMEXEZYVeCz0tiKl7N2I1LcewYgOn8RHB7SudbhEOeShKUec7sRQOEbWk66MMdWNQfDnaWU6eupESj8Dy4GI-VmDmpTDXFDoZFFJaSk_-_HPhh52vlxE9fJCd-uo_uMokRVt8VWUN73zkQ05E5r140DN5LWMTwPqQpbjXLnruBVFA3DxAq2YkzzPELQ39-bdtjo2tjRh4dnbqNm-OM3BVUzfPD25cIRD6GY-4mgdqY4HhcAO59Mk_ZXH25I_2dF5X9WbFfudmKvPb_alTdQnGTFDPdB7dKXzV5h7ExJ6i3iH7y2dII4n5ytLdDDCzLRQGRTpK_fPsZg5q9xso7VCjoFAQDbxQQCKDOcxI3zoh8TV-yI34y6bGmFCAs6_GLfe8wbck3nuhYFmERAMEKJi7qB5Zsx5OSZhRAWWaJjPsKu8SDP2-muGcZAEjg0g_yS5XsXD39Kif3svOlSTzE2QFRJRsHbh1FBkm1AlaI8hadeTWQTtciJH-ZCf6kjYCfccLJ16m0Pdx8iiNTgp6bV7wROcU6S6tAGCTm1hpSZB4Xo2Wbqs9sVQyl-4BJfETm2BH0Q-on7HW-V9U0BfcnvOMe3mZfInmF7gwcrw8xX3G8gfDbTU1Sa7L3nhZhMPltrm9SsHMa3pf61h-mBFcf-5E9J5dPIAC2_v04_gT12obG2QsvXZpxKBQEHx4djH6-iOxsKwR0RI6JMKEG-MMzrADYz5zjBS3-fDeQCmSIaw__OkHNZ21bvM146ApjHEU78U3lnGTeZ1B1CdD2VIjSflGySfevN5_3d_nQjKEN3y0hB_S35QQHf8VF56urEqf3Ba-L5tfUS6IPvPBZKggFY8ZjOhAmSU5sUsc_Gi682TAMxgVcW64Y_KQDN6Qi5_TbKcchJC4VY-83x0LnA-bTNW2O9HT7aDIGDpv-LD0rxqUuBU9if3qlbXFwfvKRTu7JAe9RjOom15zYPi4pBXSeD0TzECrOzqpAesKJlV-tHJlp1KdDB0tAK0mw8C86desllM660izKlhvdleDfxQjB4pNby8CY9hcRve2W1OFVG32-E9TaSnLpi22_XrlSo2jKa0drqHMA-pdIi-mfHNes-mF8VWC-D7gInAVaVecyYzGZCNQmZZP-WLI_RxGnC51z4VzVoWdBO6oU0XCGRdLQyjZNgu5zTu7kA4A8EngHFLf9Y-YIudnwmVw7gefucIK3EOVf0pGouOcUzelszEPr5zzkJp4zFzAq7Dr91rAQBEx2kmxuab6uF31nn_Sd2bekkcOYSfC6rvBXS8KQnapvlx5zO9svglN4ieJSrgpjYTXlw3359jJgUPbM45TqK9ZztbM82NAejGl1XQz4MmeMK4Fc08ZdnK7xCRY0Dj_jkq5Wf74UvKN7JxP43FZRYjUR4R4FfHP_n1hwepP1wdKNYcmjcfZH_Uaq8K0nTtvGR3-dt3HG1IqKJD7j-itxAP8wmyW62o1tZ72edDU32GlUIBBJPAC8eF_-TgalCXVFDcN7N6VZtOFNzDMPvJ7f8XvFgs25H4BT-k0XwfrF9z9HnsJxGo-E9mYY5i9gbiUeXi6RS832Sf0V1gsxQKsHuOKdatRgBYAE&ias_xappb=
Request Chain 389
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 394
  • https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430 HTTP 302
  • https://cm.t.tailtarget.com/doubleclick?google_gid=CAESECzx4GxJdq6slsNhk3duKrA&google_cver=1&google_ula=862479430,0
Request Chain 468
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECTNZ2feq2tOOqU9chLyOO0&google_cver=1
Request Chain 481
  • https://hal900027.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=d7d4da785f&subid=&uid=f0cc4bf6a8ecff1b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDAHR5JSuZYSlGa-h9u8Pqdy2kA6m5b2gab2TnKfJD_AuEAEgqtOMaGCVkpqCrAfIAQmpAjbE8JEfR7I-qAMByAObBKoEnwJP0GRHTKy4o3IntTYjZmcLv-NRdB5HGGIArVM03RRs5DkqNLHX-aunhHQcG5DVofoOZ5RU3QSFsRcp0kdHMDtp8h5d-mNVwJ4BgSpGXWUhnz017bRHoS2tP0ie5Gbw1uaSCv6L1oIagnVDkjuCHQQUrbrC2_q76-cs3LrDVntoWW1GbxG6HINTn5rNtesSaITLlwHS4YhT4_eBK0fHgXOYlob1fzE6SPmsJHDHRfNEP6LCkQe_EItsThhEBTquXc9QwbdL7dAytuz-RATGLrYjIMziMs8LXmgshSF-LQrZQKZEppM1GhI_k0DJoXU-1pPYBo_v6nKfmw2xNuNLlHq2c5wYX3f9B-dKA7xH1FF-IZQ2kul958VSy92GfzFVwMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliErem5svGDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPne6bmy8YMDFa-Q_QcdKa4N4rATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_RV0BhrvZWimw9WKQVGHgTiX6y4hfgvSK0ed4HargYin8aZm_23Nxh5YrQSWYc8DfyHrL3_xCCzQkpKesDvnLCoioHZCQ9JaXhxgB%26sig%3DAOD64_2588TY6D2shwvI3z07isDfkWVpEQ%26client%3Dca-pub-8170966538152543%26dbm_c%3DAKAmf-D3oao7XkxFFlsOJjEUfeTJ9jlxAYisNJcSDe8k6f6ZfTJULjc88I0PANUEHcTGBCqdifLdFglmUvDXTEXKeZal_Q2sRZ-unvH2p-NuER4pvdX4qewDph06AIhx0p3WZrxtDuF9dI4m89RWBry2Xsoy6PIHRhu9_80YYqCjIh0-d5L9K9g%26cry%3D1%26dbm_d%3DAKAmf-Dn9ErNWysqZ5iMeMbi-G0Gjsgpv664SvBfogZvMxy2oNKtfCx5uaAf9Fk4GiF2JZklUcvDPM7Zs1rXh0jTS2ipuEUv2fxz30BCPVBe3sttFJam4yLtSx8bwAALpQzQFdmLHwojyGtf6YonjerlP7LyQVo0t2h1PLHXl0DigOkiUXPUPYY7ZUhMi-09MdPVcB9FAOGLGTK26UvI1uz0qWM4JI2VrD9C7-I9RoTn1e3dYiwhWs_gYtqClm4T_S2XDnHUAJDNkqeWXytr0bPS-Ctza1Z0yUOW9Mi2jYLosrAJuSdKDLu7tffdBqpL3kNaxgS6UwEoli7gtUwHB2dDzUeKcevRFIf-9LbkttWpqQSnV_Upa_dIgftVDl11UZXSjyR9ny21FlI3YXDrY6SERW-KcVOMXoHHQP18pvcxVeCyjtAXgXq3y-hfcPRdmbpbX9yXpMH8sxjs4c1MRMZ7Ysbw-kVaM1ArFDARuEiooMLSaAMQYIeAtEWeMQ5O8jHKe6-JRvHKc7GGpFWD4uSFie7Hbm45RA%26adurl%3D&documentReferer=https%3A%2F%2Fcolunadofla.com%2F&ancestorOrigins=https%3A%2F%2Fcolunadofla.com&random=695345089873&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900027.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=d7d4da785f&subid=&uid=f0cc4bf6a8ecff1b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDAHR5JSuZYSlGa-h9u8Pqdy2kA6m5b2gab2TnKfJD_AuEAEgqtOMaGCVkpqCrAfIAQmpAjbE8JEfR7I-qAMByAObBKoEnwJP0GRHTKy4o3IntTYjZmcLv-NRdB5HGGIArVM03RRs5DkqNLHX-aunhHQcG5DVofoOZ5RU3QSFsRcp0kdHMDtp8h5d-mNVwJ4BgSpGXWUhnz017bRHoS2tP0ie5Gbw1uaSCv6L1oIagnVDkjuCHQQUrbrC2_q76-cs3LrDVntoWW1GbxG6HINTn5rNtesSaITLlwHS4YhT4_eBK0fHgXOYlob1fzE6SPmsJHDHRfNEP6LCkQe_EItsThhEBTquXc9QwbdL7dAytuz-RATGLrYjIMziMs8LXmgshSF-LQrZQKZEppM1GhI_k0DJoXU-1pPYBo_v6nKfmw2xNuNLlHq2c5wYX3f9B-dKA7xH1FF-IZQ2kul958VSy92GfzFVwMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliErem5svGDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPne6bmy8YMDFa-Q_QcdKa4N4rATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_RV0BhrvZWimw9WKQVGHgTiX6y4hfgvSK0ed4HargYin8aZm_23Nxh5YrQSWYc8DfyHrL3_xCCzQkpKesDvnLCoioHZCQ9JaXhxgB%26sig%3DAOD64_2588TY6D2shwvI3z07isDfkWVpEQ%26client%3Dca-pub-8170966538152543%26dbm_c%3DAKAmf-D3oao7XkxFFlsOJjEUfeTJ9jlxAYisNJcSDe8k6f6ZfTJULjc88I0PANUEHcTGBCqdifLdFglmUvDXTEXKeZal_Q2sRZ-unvH2p-NuER4pvdX4qewDph06AIhx0p3WZrxtDuF9dI4m89RWBry2Xsoy6PIHRhu9_80YYqCjIh0-d5L9K9g%26cry%3D1%26dbm_d%3DAKAmf-Dn9ErNWysqZ5iMeMbi-G0Gjsgpv664SvBfogZvMxy2oNKtfCx5uaAf9Fk4GiF2JZklUcvDPM7Zs1rXh0jTS2ipuEUv2fxz30BCPVBe3sttFJam4yLtSx8bwAALpQzQFdmLHwojyGtf6YonjerlP7LyQVo0t2h1PLHXl0DigOkiUXPUPYY7ZUhMi-09MdPVcB9FAOGLGTK26UvI1uz0qWM4JI2VrD9C7-I9RoTn1e3dYiwhWs_gYtqClm4T_S2XDnHUAJDNkqeWXytr0bPS-Ctza1Z0yUOW9Mi2jYLosrAJuSdKDLu7tffdBqpL3kNaxgS6UwEoli7gtUwHB2dDzUeKcevRFIf-9LbkttWpqQSnV_Upa_dIgftVDl11UZXSjyR9ny21FlI3YXDrY6SERW-KcVOMXoHHQP18pvcxVeCyjtAXgXq3y-hfcPRdmbpbX9yXpMH8sxjs4c1MRMZ7Ysbw-kVaM1ArFDARuEiooMLSaAMQYIeAtEWeMQ5O8jHKe6-JRvHKc7GGpFWD4uSFie7Hbm45RA%26adurl%3D&documentReferer=https%3A%2F%2Fcolunadofla.com%2F&ancestorOrigins=https%3A%2F%2Fcolunadofla.com&random=695345089873&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 498
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMmCp3KNgEr-gNj5ws9H1oI&google_cver=1
Request Chain 499
  • https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2E5YzE5MTg0ZDVlYTA3MmY1ZTY1NTZjYzg2MjYwODM=&gdpr=0&gdpr_consent=
Request Chain 500
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDHz4qjM1c5JBPpsRhHStY0&google_cver=1
Request Chain 506
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=48099500138177804444994012577027&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3480009841
Request Chain 517
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5507977492695.828 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CMrhlLyy8YMDFR1LHgIdawYGLw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5507977492695.828
Request Chain 548
  • https://b1.trickyrock.com/redirect.aspx?pid=74444021&bid=34664 HTTP 307
  • https://b1.trickyrock.com/btag=81765197_35BBC6679B4D40E3A84416FDB0255F3D
Request Chain 583
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELSWbRvwaruo9rah2OlfStg&google_cver=1&google_push=AXcoOmRTbhG4GbBB0zMYVW0p-tKVoZduyvlFJCwRUvlvPjnQZAokHHVf0oQUeN-_Hnzfutic7b0IpoefG5apAbYXUnHpYDoxWNhWOPA HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELSWbRvwaruo9rah2OlfStg&google_cver=1&google_push=AXcoOmRTbhG4GbBB0zMYVW0p-tKVoZduyvlFJCwRUvlvPjnQZAokHHVf0oQUeN-_Hnzfutic7b0IpoefG5apAbYXUnHpYDoxWNhWOPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY3MTk5MjU2NjQ2ODg5NzE3&google_push=AXcoOmRTbhG4GbBB0zMYVW0p-tKVoZduyvlFJCwRUvlvPjnQZAokHHVf0oQUeN-_Hnzfutic7b0IpoefG5apAbYXUnHpYDoxWNhWOPA
Request Chain 584
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESELnhxrpRzFhM__XprZkoV18&google_cver=1&google_push=AXcoOmSo1Lbn5L98lU93WJtM0VQWIIq2MpCIqoCRFJA5b7HJAq0USk62q13g4WzI4CWSC2_3T0S7ZUwc0Zm9m3V1a_Wb7wuZ3bfrAIc HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESELnhxrpRzFhM__XprZkoV18&google_push=AXcoOmSo1Lbn5L98lU93WJtM0VQWIIq2MpCIqoCRFJA5b7HJAq0USk62q13g4WzI4CWSC2_3T0S7ZUwc0Zm9m3V1a_Wb7wuZ3bfrAIc&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSo1Lbn5L98lU93WJtM0VQWIIq2MpCIqoCRFJA5b7HJAq0USk62q13g4WzI4CWSC2_3T0S7ZUwc0Zm9m3V1a_Wb7wuZ3bfrAIc&google_hm=cmttWmtpY2RLa2g4eGxaZGJmTEk=
Request Chain 585
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEO6bSV2MtZzStihMViXr8IA&google_cver=1&google_push=AXcoOmRvSoWpZ7wXp8h6PIyAOrfTfe47iV_xxiIkaWz1ORbSuPepFoDMEscNo_Gni3IlybU7jE4O6gPJAgyJlOP0sFyV0l6_361g3_0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=E7_xoKAeWlp-KcPAGLya59ly14M&google_push=AXcoOmRvSoWpZ7wXp8h6PIyAOrfTfe47iV_xxiIkaWz1ORbSuPepFoDMEscNo_Gni3IlybU7jE4O6gPJAgyJlOP0sFyV0l6_361g3_0
Request Chain 587
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CMFx_7pSuZeeYDceH7_UPl7yLwAqY09S3dYr26ui5EWQQASDmsPlnYJWSmoKsB6ABlvm10QPIAQmpAhbsStpbRrI-4AIAqAMByANIqgSpAk_QeMMLXzGrWSGsSoeuajYtvPA1HUtfSsdy7qOiyddXdeEME2bK-0poC4ubCisp2DT6zqNfe8MxysLONIWIsGO9gPSXrujJjQnrXh9A4bSn9mCKT7peg8cinLv6mVfSIcZzvo4KQwGzmv_4pHt09jUPag1DzdFn8HkfwlytCqOBGJE0ZcgIVITk_GEhocSTnhuNwE35sKcC26qcGDwUmQ9jgSVY5oNrl1zxQCgFmut_BQeL4q8qPdILGwrILzdjORJKOzn5ijIaOAkyWg-rji4UREtYgBBT6JYwTjAKiROP360gpmfH6bxU7RyAm2nMXMoc47sazoiUKOmh_rfuWaTGPOi_a7PSIVKzcaUEJFHBegqnpV1nH4KDvyFFsHXNfszfOprYjnOfgcAE0s_j75AE4AQBiAW1hoHVSZIFBAgEGAGSBQQIBRgEoAYugAfShsouqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQpYcE0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljdi_6_svGDA5oJRWh0dHBzOi8vYXV0by5zdXp1a2kuZGUvbW9kZWxsZS9zd2lmdC9zdXp1a2ktc3dpZnQtNS10dWVyZXIvcHJvYmVmYWhydIAKAcgLAaIMCCoGCgSsurEC4g0TCIS8_r-y8YMDFcfDuwgdF94CqNgTDogUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi02MjAxODM2OTY5NDI0OTg2GJHzbA&sigh=ZnNfQahABrM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf__Tls8HSZPRszytXhFeWQ_4801MdBVWAYlUk2aUwTGWoioCnuJnXaVjvuZ0Kn0DGG-NoYJAE-GAE&template_id=419&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223039794733200396493%22,%22debug_reporting%22:true,%22destination%22:%22https://suzuki.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22976059542%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212152161893216858385%22}&andc=true
Request Chain 615
  • https://vidoomy-d.openx.net/v/1.0/av?auid=559614560&url=https%3A%2F%2Fcolunadofla.com%2F&cb=832558&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&gdpr=0&gdpr_consent= HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=559614560&url=https%3A%2F%2Fcolunadofla.com%2F&cb=832558&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGE0Njc4ZTUtNmQwMS02NzZkLTRkZDQtOGEyOWE0OTczZTQ4
Request Chain 619
  • https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-vgm1t&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fcolunadofla.com%2F&gdpr=0&gdpr_consent=&cb=773538&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C HTTP 302
  • https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-vgm1t&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fcolunadofla.com%2F&gdpr=0&gdpr_consent=&cb=773538&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&_tur=T
Request Chain 625
  • https://vidoomy-d.openx.net/v/1.0/av?auid=559614560&url=https%3A%2F%2Fcolunadofla.com%2F&cb=832558&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&gdpr=0&gdpr_consent= HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=559614560&url=https%3A%2F%2Fcolunadofla.com%2F&cb=832558&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&gdpr=0&gdpr_consent=
Request Chain 630
  • https://b1.trickyrock.com/redirect.aspx?pid=74444021&bid=21775 HTTP 307
  • https://www.unibet.com/stan/campaign.do?cmpId=2582340&affiliateId=1&unibetTarget=/eng-int/sportsbook/multi-sports/index.html&targetDomain=https://welcome.unibet.com&btag=81765197_5AC82A9B681E4F25AB212B63ECFDF86D&affiliateId=1&pid=74444021&bid=21775
Request Chain 632
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=3a9c19184d5ea072f5e6556cc8626083&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml280d_7326969544838784390&gdpr=0&gdpr_consent=null HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=M2E5YzE5MTg0ZDVlYTA3MmY1ZTY1NTZjYzg2MjYwODM=&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMmCp3KNgEr-gNj5ws9H1oI&google_cver=1&gdpr=0&gdpr_consent=null HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null&_bee_ppp=1
Request Chain 635
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2E5YzE5MTg0ZDVlYTA3MmY1ZTY1NTZjYzg2MjYwODM=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 636
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=3a9c19184d5ea072f5e6556cc8626083&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 643
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null
Request Chain 646
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2E5YzE5MTg0ZDVlYTA3MmY1ZTY1NTZjYzg2MjYwODM=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 647
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=3a9c19184d5ea072f5e6556cc8626083&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

642 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
colunadofla.com/
Redirect Chain
  • http://colunadofla.com.br/
  • https://colunadofla.com/
170 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
7bf0ae7646f9381dd200f2fc2f9b11f1cee4d0a7faf4bc3047e1575a4e75de93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options “DENY” “DENY”
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 Jan 2024 16:16:31 GMT
expires
Mon, 22 Jan 2024 16:17:31 GMT
link
<https://colunadofla.com/wp-json/>; rel="https://api.w.org/" <https://colunadofla.com/wp-json/wp/v2/pages/269624>; rel="alternate"; type="application/json"
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff nosniff
x-frame-options
“DENY” “DENY”
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
232
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 22 Jan 2024 16:16:30 GMT
Keep-Alive
timeout=5, max=100
Location
https://colunadofla.com/
Server
Apache
js
www.googletagmanager.com/gtag/ 		282 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-K5T6DQS0LR
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1e842acee4094f83bf9950e72f7edd8996ecfd0b43f2151d042c30da6e63d439
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94137
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 Jan 2024 16:16:31 GMT
js
www.googletagmanager.com/gtag/ 		176 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-60738862-1
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db789cc3550446a25bbbc6edef34a6d737e9db7704c00c42c5827b07f98dcc6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65101
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 Jan 2024 16:16:31 GMT
main.min.css
colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/ 		695 KB
70 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x71849&ver=1650983177
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
c730f32afff69123950c13fedf8211849ad76aff409870071fe0b407f39ce79f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:31 GMT
content-encoding
gzip
last-modified
Tue, 26 Apr 2022 14:26:17 GMT
server
nginx
etag
W/"62680109-ada88"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=31536000
expires
Tue, 21 Jan 2025 16:16:31 GMT
style.min.css
colunadofla.com/wp-includes/css/dist/block-library/ 		95 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-includes/css/dist/block-library/style.min.css?x71849&ver=6.2.3
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:31 GMT
content-encoding
gzip
last-modified
Sat, 03 Jun 2023 06:39:54 GMT
server
nginx
etag
W/"647ae03a-17ced"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=31536000
expires
Tue, 21 Jan 2025 16:16:31 GMT
frontend.css
colunadofla.com/wp-content/plugins/jet-engine/assets/css/ 		34 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-content/plugins/jet-engine/assets/css/frontend.css?x71849&ver=2.9.4
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
e2bb6c97b20292d41f84bc1599d3f8d1bc52df2511661edbb862cee7535e3a0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:31 GMT
content-encoding
gzip
last-modified
Wed, 17 Nov 2021 14:35:57 GMT
server
nginx
etag
W/"6195134d-8797"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=31536000
expires
Tue, 21 Jan 2025 16:16:31 GMT
classic-themes.min.css
colunadofla.com/wp-includes/css/ 		291 B
446 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-includes/css/classic-themes.min.css?x71849&ver=6.2.3
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:31 GMT
content-encoding
gzip
last-modified
Sat, 03 Jun 2023 06:39:54 GMT
server
nginx
etag
W/"647ae03a-123"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=31536000
expires
Tue, 21 Jan 2025 16:16:31 GMT
widget-options.css
colunadofla.com/wp-content/plugins/widget-options/assets/css/ 		3 KB
656 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-content/plugins/widget-options/assets/css/widget-options.css?x71849
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
abb0f964c9209344eba89cb789ed800a211da042d8341fbe4144f254d16e0458

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:31 GMT
content-encoding
gzip
last-modified
Tue, 01 Aug 2023 04:14:49 GMT
server
nginx
etag
W/"64c886b9-a57"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=31536000
expires
Tue, 21 Jan 2025 16:16:31 GMT
frontend.css
colunadofla.com/wp-content/plugins/wp-social/assets/css/ 		66 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-content/plugins/wp-social/assets/css/frontend.css?x71849&ver=3.0.0
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
086f68b75e10cff78c11ff7d8159c9bbe5bea67202280ea74a6ddf5a1d8e44c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:31 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 07:52:28 GMT
server
nginx
etag
W/"65a7873c-1076f"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=31536000
expires
Tue, 21 Jan 2025 16:16:31 GMT
font-icon.css
colunadofla.com/wp-content/plugins/wp-social/assets/css/ 		43 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-content/plugins/wp-social/assets/css/font-icon.css?x71849&ver=3.0.0
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
a5b2665050154a908f93b008604837aa6cd5d0fd6914338cbfe13c0ff0a2934f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:31 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 07:52:28 GMT
server
nginx
etag
W/"65a7873c-ab05"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=31536000
expires
Tue, 21 Jan 2025 16:16:31 GMT
yop-poll-public-6.5.29.css
colunadofla.com/wp-content/plugins/yop-poll/public/assets/css/ 		159 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-content/plugins/yop-poll/public/assets/css/yop-poll-public-6.5.29.css?x71849&ver=6.2.3
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
aa1f211bb7e5e55474c82ad9c520623a0e456949bf70c45d5dae80861e2abce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:31 GMT
content-encoding
gzip
last-modified
Thu, 21 Dec 2023 13:45:03 GMT
server
nginx
etag
W/"6584415f-27df1"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=31536000
expires
Tue, 21 Jan 2025 16:16:31 GMT
yvtwp-frontend.css
colunadofla.com/wp-content/plugins/youtube-videos-to-wordpress-posts/resources/css/ 		275 B
402 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-content/plugins/youtube-videos-to-wordpress-posts/resources/css/yvtwp-frontend.css?x71849&ver=6.2.3
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
247d97b8046a941994933d2da467829c240d01c86aef6705abe3850d25d1f264

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:31 GMT
content-encoding
gzip
last-modified
Mon, 19 Apr 2021 17:42:28 GMT
server
nginx
etag
W/"607dc104-113"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=31536000
expires
Tue, 21 Jan 2025 16:16:31 GMT
front.min.css
colunadofla.com/wp-content/plugins/cookie-notice/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-content/plugins/cookie-notice/css/front.min.css?x71849&ver=2.4.13
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
029dedf319bc4536d9c663ae9c0b10c95d1e9f5dd1de0aa73172e9e89ae254cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:31 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 07:48:04 GMT
server
nginx
etag
W/"65a78634-13c8"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=31536000
expires
Tue, 21 Jan 2025 16:16:31 GMT
addtoany.min.css
colunadofla.com/wp-content/plugins/add-to-any/ 		2 KB
770 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-content/plugins/add-to-any/addtoany.min.css?x71849&ver=1.16
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:31 GMT
content-encoding
gzip
last-modified
Fri, 22 Dec 2023 07:25:29 GMT
server
nginx
etag
W/"658539e9-644"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=31536000
expires
Tue, 21 Jan 2025 16:16:31 GMT
jquery.min.js
colunadofla.com/wp-includes/js/jquery/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-includes/js/jquery/jquery.min.js?x71849&ver=3.6.4
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:31 GMT
content-encoding
gzip
last-modified
Sat, 03 Jun 2023 06:39:54 GMT
server
nginx
etag
W/"647ae03a-15ed7"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 21 Jan 2025 16:16:31 GMT
jquery-migrate.min.js
colunadofla.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-includes/js/jquery/jquery-migrate.min.js?x71849&ver=3.4.0
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:31 GMT
content-encoding
gzip
last-modified
Sat, 03 Jun 2023 06:39:54 GMT
server
nginx
etag
W/"647ae03a-3470"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 21 Jan 2025 16:16:31 GMT
page.js
static.addtoany.com/menu/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c48b1ff73db9191e083a11b99c66fac0e506e01081b0358f81a98a26facd8c45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1294
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"69e533c66291569cf7f6966cda830b78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92G%2FPij6oFkTVpJOFsP1js1UKIvuQa9CTcGUPyOl%2BKA0%2BjjgjksYBN8Cs5WnrC0xkue1uG%2BiYyS5XYNYe%2FV8Fkqetu1P0SQpRz0vrdVbMSI4hzprh0Qh85xMmF9OcsAjRAI7KCWiIlLZF1rrkxlwsEoJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, stale-while-revalidate=30, public
cf-ray
84991a199d38911e-FRA
addtoany.min.js
colunadofla.com/wp-content/plugins/add-to-any/ 		129 B
346 B 		Script
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-content/plugins/add-to-any/addtoany.min.js?x71849&ver=1.1
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:32 GMT
last-modified
Fri, 22 Dec 2023 07:25:29 GMT
server
nginx
etag
"658539e9-81"
vary
Accept
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
129
expires
Tue, 21 Jan 2025 16:16:32 GMT
front-main.js
colunadofla.com/wp-content/plugins/wp-social/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-content/plugins/wp-social/assets/js/front-main.js?x71849&ver=3.0.0
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
235b98e9724beb6c5d4365e7f097c06fb0ac3208e38b1ddbd401a375203f655f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:31 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 07:52:28 GMT
server
nginx
etag
W/"65a7873c-925"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 21 Jan 2025 16:16:31 GMT
yop-poll-public-6.5.29.min.js
colunadofla.com/wp-content/plugins/yop-poll/public/assets/js/ 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-content/plugins/yop-poll/public/assets/js/yop-poll-public-6.5.29.min.js?x71849&ver=6.2.3
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
96085d39ff9098e43cb0346b92caab9040ee4aff4f60aada77322ccc2c07ed20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:31 GMT
content-encoding
gzip
last-modified
Thu, 21 Dec 2023 13:45:03 GMT
server
nginx
etag
W/"6584415f-b6c4"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 21 Jan 2025 16:16:31 GMT
wpp.min.js
colunadofla.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?x71849&ver=6.2.1
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
7081b35bdd0f1ba60fcb80e1ef5bc535b4010d10bd97cf40a362e67819ab5e98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:31 GMT
content-encoding
gzip
last-modified
Tue, 25 Jul 2023 08:43:07 GMT
server
nginx
etag
W/"64bf8b1b-11aa"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 21 Jan 2025 16:16:31 GMT
social-front.js
colunadofla.com/wp-content/plugins/wp-social/assets/js/ 		459 B
534 B 		Script
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-content/plugins/wp-social/assets/js/social-front.js?x71849&ver=6.2.3
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
2b42cd3660f6bf3f2c6f3a60cd9523eee7ac9b544e7ae928a269dc1c0fa1e366

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:31 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 07:52:28 GMT
server
nginx
etag
W/"65a7873c-1cb"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 21 Jan 2025 16:16:31 GMT
front.min.js
colunadofla.com/wp-content/plugins/cookie-notice/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-content/plugins/cookie-notice/js/front.min.js?x71849&ver=2.4.13
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:32 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 07:48:04 GMT
server
nginx
etag
W/"65a78634-21fc"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 21 Jan 2025 16:16:32 GMT
gtm.js
www.googletagmanager.com/ 		178 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PGCK9DR
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6210a6c4c95a7e3dfae5d73280b92f3435ab4e10d20d663ae4fc31aee3e6609d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65034
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 Jan 2024 16:16:32 GMT
wp-emoji-release.min.js
colunadofla.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.3
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:32 GMT
content-encoding
gzip
last-modified
Sat, 03 Jun 2023 06:39:54 GMT
server
nginx
etag
W/"647ae03a-4904"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 21 Jan 2025 16:16:32 GMT
js
www.googletagmanager.com/gtag/ 		282 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-K5T6DQS0LR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-60738862-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d1fac847db1d7eb55be35c93e3e6cd8b056bab3ce18d858dcd21d6686cd902bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94082
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 Jan 2024 16:16:32 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-60738862-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 Jan 2024 15:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1703
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 22 Jan 2024 17:48:09 GMT
collect
region1.analytics.google.com/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-K5T6DQS0LR&gtm=45je41h0v878194228&_p=1705940191534&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1599854402.1705940192&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705940191&sct=1&seg=0&dl=https%3A%2F%2Fcolunadofla.com%2F&dt=Flamengo%20%7C%20Not%C3%ADcias%2C%20jogos%20e%20v%C3%ADdeos&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1&_ee=1&tfd=1976
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K5T6DQS0LR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K5T6DQS0LR&cid=1599854402.1705940192&gtm=45je41h0v878194228&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K5T6DQS0LR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K5T6DQS0LR&cid=1599854402.1705940192&gtm=45je41h0v878194228&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1032876989
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-K5T6DQS0LR&gtm=45je41h0v878194228&_p=1705940191534&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1599854402.1705940192&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705940191&sct=1&seg=0&dl=https%3A%2F%2Fcolunadofla.com%2F&dt=Flamengo%20%7C%20Not%C3%ADcias%2C%20jogos%20e%20v%C3%ADdeos&en=scroll&_c=1&epn.percent_scrolled=90&_et=4&tfd=1981
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K5T6DQS0LR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8cf1c9501e19b3bba8821897a532cdfb7dbb3254290cfe215308388c08f7702
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29598
x-xss-protection
0
server
cafe
etag
593 / 19744 / 31080521 / config-hash: 16721368857602662386
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 Jan 2024 16:16:32 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		377 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js?x71849
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38105aac42d1610743fba1feb58227a93739e52333b57597bd988ae71dad6353
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132425
x-xss-protection
0
expires
Mon, 22 Jan 2024 16:16:32 GMT
logo.colunadofla.site_.png
colunadofla.com/wp-content/uploads/2022/05/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://colunadofla.com/wp-content/uploads/2022/05/logo.colunadofla.site_.png
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
87d3b016132d08785375bad54750e448501458f04a7e87912382c0d2a103aa9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:31 GMT
last-modified
Tue, 10 May 2022 02:52:41 GMT
server
nginx
etag
"6279d379-a4b"
vary
Accept
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2635
expires
Tue, 21 Jan 2025 16:16:31 GMT
main.js
colunadofla.com/wp-content/themes/coluna-do-fla/assets/js/ 		172 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-content/themes/coluna-do-fla/assets/js/main.js?x71849&ver=1705477191
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
714ffaa29a516013a6de7b1e8c5caa1e32f29eb1932bf9ef3735e991d81a2204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:31 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 07:39:51 GMT
server
nginx
etag
W/"65a78447-2af26"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 21 Jan 2025 16:16:31 GMT
embed.min.js
www.sofascore.com/bundles/sofascoreweb/js/bin/util/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sofascore.com/bundles/sofascoreweb/js/bin/util/embed.min.js?ver=6.2.3
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.14.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.2.3
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:32 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2953
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
84991a19ab371c60-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Thu, 25 Jan 2024 16:16:32 GMT
colunadofla.js
tags.juicebarads.com/js/ 		80 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.juicebarads.com/js/colunadofla.js?cachebust=1705940192201
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.89.238.88 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br204.serverdo.in
Software
nginx /
Resource Hash
15c19d3a4513b5ad0004bfdd0ccb80028ed2f3d5049b827a7fb8119a8a874902
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options “DENY”
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Thu, 18 Jan 2024 13:42:21 GMT
server
nginx
content-encoding
gzip
etag
W/"65a92abd-13f7b"
vary
Accept-Encoding
x-frame-options
“DENY”
content-type
application/javascript
x-xss-protection
1; mode=block
6f5a0f84a967110
ad.webads.media/deliver/pixel/ Frame 2FF4 		191 B
502 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.webads.media/deliver/pixel/6f5a0f84a967110
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.203.19.36 Tettnang, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.36.19.203.116.clients.your-server.de
Software
nginx /
Resource Hash
ba1b837ec05ba3020e0162a3a6f8b7c2761f4fb00b083f15b24a8c2b26d8d486

Request headers

Referer
https://colunadofla.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, must-revalidate, private, s-maxage=3837
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 Jan 2024 16:16:32 GMT
Expires
Mon, 22 Jan 2024 16:16:32 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
lines-up.svg
colunadofla.com/wp-content/themes/coluna-do-fla/assets/img/ 		2 KB
811 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://colunadofla.com/wp-content/themes/coluna-do-fla/assets/img/lines-up.svg
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x71849&ver=1650983177
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
e2cc5cc991726477320685714be247b3440cbc402761a98e80db436f1a759a09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options “DENY”
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x71849&ver=1650983177
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Tue, 10 Aug 2021 22:41:16 GMT
server
nginx
content-encoding
gzip
etag
W/"6113008c-692"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
“DENY”
content-type
image/svg+xml
cache-control
max-age=31536000
x-xss-protection
1; mode=block
expires
Tue, 21 Jan 2025 16:16:32 GMT
librefranklin-regular.woff2
colunadofla.com/wp-content/themes/coluna-do-fla/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-content/themes/coluna-do-fla/assets/fonts/librefranklin-regular.woff2
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x71849&ver=1650983177
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
b3593c5d38a9de54e41220e2c52194a6bcd90b21ed66e70d05fb434d81a2c1b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options “DENY”
X-Xss-Protection 1; mode=block

Request headers

Referer
https://colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x71849&ver=1650983177
Origin
https://colunadofla.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-length
20500
x-xss-protection
1; mode=block
last-modified
Tue, 10 Aug 2021 22:41:08 GMT
server
nginx
etag
"61130084-5014"
x-frame-options
“DENY”
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff2
access-control-allow-origin
https://colunadofla.com
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Tue, 21 Jan 2025 16:16:32 GMT
librefranklin-bold.woff2
colunadofla.com/wp-content/themes/coluna-do-fla/assets/fonts/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-content/themes/coluna-do-fla/assets/fonts/librefranklin-bold.woff2
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x71849&ver=1650983177
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
097db156a836a8fad51b77ac67f94b30ac55add0d16fe9b666ca4aeff3681e00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options “DENY”
X-Xss-Protection 1; mode=block

Request headers

Referer
https://colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x71849&ver=1650983177
Origin
https://colunadofla.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-length
21180
x-xss-protection
1; mode=block
last-modified
Tue, 10 Aug 2021 22:41:06 GMT
server
nginx
etag
"61130082-52bc"
x-frame-options
“DENY”
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff2
access-control-allow-origin
https://colunadofla.com
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Tue, 21 Jan 2025 16:16:32 GMT
alegreyasanssc-blackitalic.woff2
colunadofla.com/wp-content/themes/coluna-do-fla/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-content/themes/coluna-do-fla/assets/fonts/alegreyasanssc-blackitalic.woff2
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x71849&ver=1650983177
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
b846e8deb6704662c84437b86d7be89b508bc3510e251d0fa8e34f4610b24e2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options “DENY”
X-Xss-Protection 1; mode=block

Request headers

Referer
https://colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x71849&ver=1650983177
Origin
https://colunadofla.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-length
20572
x-xss-protection
1; mode=block
last-modified
Tue, 10 Aug 2021 22:41:06 GMT
server
nginx
etag
"61130082-505c"
x-frame-options
“DENY”
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff2
access-control-allow-origin
https://colunadofla.com
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Tue, 21 Jan 2025 16:16:32 GMT
met-social.ttf
colunadofla.com/wp-content/plugins/wp-social/assets/css/fonts/ 		466 KB
467 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-content/plugins/wp-social/assets/css/fonts/met-social.ttf?kjn5hn
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/wp-content/plugins/wp-social/assets/css/font-icon.css?x71849&ver=3.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
d1cbe1a53c29fbcc25e32b5427b16f9649269b15465382f9af3587394e594849
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options “DENY”
X-Xss-Protection 1; mode=block

Request headers

Referer
https://colunadofla.com/wp-content/plugins/wp-social/assets/css/font-icon.css?x71849&ver=3.0.0
Origin
https://colunadofla.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-length
477152
x-xss-protection
1; mode=block
last-modified
Mon, 26 Jun 2023 07:00:04 GMT
server
nginx
etag
"64993774-747e0"
x-frame-options
“DENY”
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://colunadofla.com
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Tue, 21 Jan 2025 16:16:32 GMT
librefranklin-semibold.woff2
colunadofla.com/wp-content/themes/coluna-do-fla/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://colunadofla.com/wp-content/themes/coluna-do-fla/assets/fonts/librefranklin-semibold.woff2
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x71849&ver=1650983177
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
b929ca11c78d94ed0967b5d4dd77eb6b209cebb07c536530eeb0c26bfd4dfca5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options “DENY”
X-Xss-Protection 1; mode=block

Request headers

Referer
https://colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x71849&ver=1650983177
Origin
https://colunadofla.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-length
20720
x-xss-protection
1; mode=block
last-modified
Tue, 10 Aug 2021 22:41:08 GMT
server
nginx
etag
"61130084-50f0"
x-frame-options
“DENY”
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff2
access-control-allow-origin
https://colunadofla.com
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Tue, 21 Jan 2025 16:16:32 GMT
placeholder.svg
colunadofla.com/wp-content/plugins/native-lazyload/assets/images/ 		88 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://colunadofla.com/wp-content/plugins/native-lazyload/assets/images/placeholder.svg
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
3860635dae56adc091d0f38baf9183d9373782e4fca9884535d8eb60d90e4ba3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options “DENY”
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Tue, 17 Dec 2019 14:29:50 GMT
server
nginx
etag
"5df8e65e-58"
x-frame-options
“DENY”
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
88
x-xss-protection
1; mode=block
expires
Tue, 21 Jan 2025 16:16:32 GMT
d2d1f42b6e8c57a17c3ec9ec1874f1fb.js
scripts.nsn-server.xyz/js/ 		493 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.nsn-server.xyz/js/d2d1f42b6e8c57a17c3ec9ec1874f1fb.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGCK9DR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:5a00:1:825a:8300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83748e7d0dcc196fda4747369084720b0a3704c93e8be21b0f12fb5cd50a0ca8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 14:25:58 GMT
content-encoding
br
via
1.1 e042bf1e56617a2fbe098f111a30b514.cloudfront.net (CloudFront)
last-modified
Mon, 22 Jan 2024 11:16:54 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P1
age
6635
etag
W/"e7a4f4700cc891ae0a6799a1f7935326"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
eDBFRR9ij_m2wFO3CtwjS36qatf3mN0-2mmuF1bopPFUyfHLzzv7oA==
huxbalp2s6
www.clarity.ms/tag/ 		700 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/huxbalp2s6?ref=gtm2
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cfb8eae40717fbf03b8ef7c9776158341a18dd29178628db8feb4e19277e3e21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
-1
date
Mon, 22 Jan 2024 16:16:32 GMT
x-azure-ref
20240122T161632Z-88v9mh8zxx7sm0pdqm5y14q9ts00000000z000000001754n
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
700
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
collect
www.google-analytics.com/j/ 		2 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=759708928&t=pageview&_s=1&dl=https%3A%2F%2Fcolunadofla.com%2F&ul=en-us&de=UTF-8&dt=Flamengo%20%7C%20Not%C3%ADcias%2C%20jogos%20e%20v%C3%ADdeos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=690072992&gjid=1895709160&cid=1599854402.1705940192&tid=UA-60738862-1&_gid=1424359539.1705940192&_r=1&gtm=457e41h0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=437922223
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
sm.25.html
static.addtoany.com/menu/ Frame 9A2C 		716 B
728 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/sm.25.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://colunadofla.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
1292
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
84991a19dd6c911e-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 22 Jan 2024 16:16:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mMplrcM7UcqH3FbCK5im4mhTCOm4wYK6%2FbSl2oa71pikzvyBdOeUPfPAzqVL0UcHJUByYqPjxfdFC53B3h4xLKV6ZPdWJ%2BgCehTyJUoJIud5MZ6vhE4xYdVuAoZpk981z7yJaiSU"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
core.KJQApO2n.js
static.addtoany.com/menu/modules/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/modules/core.KJQApO2n.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
108bcba14581350a7815b5caa02835f1157276a442ee1b426fbe23bb6fb8f3c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://colunadofla.com/
Origin
https://colunadofla.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4277
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"72d3f16463b3853530ea28b8dc5fc529"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zx70Qld0cio9KM6VRhS%2BXl0s7Fq6YYQ1J4UP4qDoQmJdgG5dPBflv5FJpsM1Go19hKmjQ0RA8DQAdNr6VXZKfMXdp377s7vqjSj0qkPILno2AjUptkK770d8xXbswBdt0c3KKUW96NEzp6l8kUrxoe01"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
cf-ray
84991a1a1fa29295-FRA
6f5a0f84a967110
ad.webads.media/deliver/js/ Frame 2FF4 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.webads.media/deliver/js/6f5a0f84a967110
Requested by
Host: ad.webads.media
URL: https://ad.webads.media/deliver/pixel/6f5a0f84a967110
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.203.19.36 Tettnang, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.36.19.203.116.clients.your-server.de
Software
nginx /
Resource Hash
3f6b1fb1e88bd5c6cfbc9b558ba3e5ceb8608f3e1730283becbfa0cc0b13bc53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.webads.media/deliver/pixel/6f5a0f84a967110
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 16:16:32 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
max-age=0, must-revalidate, private, s-maxage=3321
Connection
keep-alive
Expires
Mon, 22 Jan 2024 16:16:32 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-60738862-1&cid=1599854402.1705940192&jid=690072992&gjid=1895709160&_gid=1424359539.1705940192&_u=YADAAUAAAAAAACAAI~&z=1504988928
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
d1c87d61697d144d62a45e704e89fff10ac0a6c448a0982f05b8a105e3968333
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 22 Jan 2024 16:16:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
6f5a0f84a967110
ad.webads.media/deliver/token/ Frame 2FF4 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.webads.media/deliver/token/6f5a0f84a967110?loc=https%3A%2F%2Fad.webads.media%2Fdeliver%2Fpixel%2F6f5a0f84a967110&vid=70a30967-3b6e-446a-b1f4-87acb88e863a&ref=https%3A%2F%2Fcolunadofla.com%2F
Requested by
Host: ad.webads.media
URL: https://ad.webads.media/deliver/js/6f5a0f84a967110
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.203.19.36 Tettnang, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.36.19.203.116.clients.your-server.de
Software
nginx /
Resource Hash
0f45b8ed412490e0d354a3f0c68a730d2599456dbc2ee5bbe38487c047cdb939

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.webads.media/deliver/pixel/6f5a0f84a967110
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:32 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
max-age=0, must-revalidate, private
Connection
keep-alive
Expires
Mon, 22 Jan 2024 16:16:32 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-60738862-1&cid=1599854402.1705940192&jid=690072992&_u=YADAAUAAAAAAACAAI~&z=1174520286
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.pt/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.pt/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-60738862-1&cid=1599854402.1705940192&jid=690072992&_u=YADAAUAAAAAAACAAI~&z=1174520286
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/ 		429 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d9faf92d5031707ade900a893ce95d561540cf4e8df13ccecfe2ee9c63dde01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 09:41:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
23709
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137892
x-xss-protection
0
server
cafe
etag
15922169668158481824
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 21 Jan 2025 09:41:23 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.2.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:32 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
307
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
84991a1a9c5b1c60-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Thu, 25 Jan 2024 16:16:32 GMT
elenco-flamengo-copinha-2024.jpg
colunadofla.com/wp-content/uploads/2024/01/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://colunadofla.com/wp-content/uploads/2024/01/elenco-flamengo-copinha-2024.jpg
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
a956fa209752ea88e56e702848e3439ff71af3acdbf7853648d6d6a87fbd58c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:32 GMT
last-modified
Mon, 22 Jan 2024 14:44:53 GMT
server
nginx
etag
"65ae7f65-17b2c"
vary
Accept
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
97068
expires
Tue, 21 Jan 2025 16:16:32 GMT
arrascaeta-flamengo-x-philadelphia-union-estados-unidos.jpg
colunadofla.com/wp-content/uploads/2024/01/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://colunadofla.com/wp-content/uploads/2024/01/arrascaeta-flamengo-x-philadelphia-union-estados-unidos.jpg
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
f7acc35ce7955cf7db9b0835385e506333b8c7678e106d44d71e0a18d2e55424

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:32 GMT
last-modified
Mon, 22 Jan 2024 15:38:26 GMT
server
nginx
etag
"65ae8bf2-c68f"
vary
Accept
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
50831
expires
Tue, 21 Jan 2025 16:16:32 GMT
Flamengo-5-1140x450.jpeg
colunadofla.com/wp-content/uploads/2024/01/ 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://colunadofla.com/wp-content/uploads/2024/01/Flamengo-5-1140x450.jpeg
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
76a635a7ed47dd7005fe201baf4c3d1633e6185f199b99b41755a77a51057677

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:32 GMT
last-modified
Mon, 22 Jan 2024 13:31:24 GMT
server
nginx
etag
"65ae6e2c-1c8fc"
vary
Accept
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
116988
expires
Tue, 21 Jan 2025 16:16:32 GMT
thiago-maia-flamengo-x-vasco-brasileirao-maracana.jpg
colunadofla.com/wp-content/uploads/2024/01/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://colunadofla.com/wp-content/uploads/2024/01/thiago-maia-flamengo-x-vasco-brasileirao-maracana.jpg
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
7aa81bed43a77da928022ddde3a276a568fef79a7ead10e5a11d5396c6e88965

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:32 GMT
last-modified
Tue, 02 Jan 2024 22:51:48 GMT
server
nginx
etag
"65949384-10a53"
vary
Accept
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
68179
expires
Tue, 21 Jan 2025 16:16:32 GMT
flamengo-thiaguinho.jpg
colunadofla.com/wp-content/uploads/2024/01/ 		245 KB
246 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://colunadofla.com/wp-content/uploads/2024/01/flamengo-thiaguinho.jpg
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
cd763592b7a2bd3d9e1cb34f53edb1d5c3e6a820dfe5a96ece069bec1e41010f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:32 GMT
last-modified
Mon, 22 Jan 2024 01:41:12 GMT
server
nginx
etag
"65adc7b8-3d492"
vary
Accept
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
251026
expires
Tue, 21 Jan 2025 16:16:32 GMT
thiago-maia-flamengo-internacional.jpg
colunadofla.com/wp-content/uploads/2024/01/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://colunadofla.com/wp-content/uploads/2024/01/thiago-maia-flamengo-internacional.jpg
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
fc8d093da8f258b6b78f78590a24cbed9a81ef5981beb9874ff26971cd332bd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:32 GMT
last-modified
Fri, 05 Jan 2024 01:20:31 GMT
server
nginx
etag
"6597595f-e660"
vary
Accept
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
58976
expires
Tue, 21 Jan 2025 16:16:32 GMT
luiz-henrique-real-betis-flamengo-fluminense.jpg
colunadofla.com/wp-content/uploads/2023/12/ 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://colunadofla.com/wp-content/uploads/2023/12/luiz-henrique-real-betis-flamengo-fluminense.jpg
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
aed3ba6251e85d6729f7d2473e23d55287d70f3e9456546019992c0ac310083f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:32 GMT
last-modified
Sat, 23 Dec 2023 23:33:52 GMT
server
nginx
etag
"65876e60-1fc3c"
vary
Accept
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
130108
expires
Tue, 21 Jan 2025 16:16:32 GMT
werton.jpg
colunadofla.com/wp-content/uploads/2024/01/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://colunadofla.com/wp-content/uploads/2024/01/werton.jpg
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
47fd816cb2e3da1fee07464daced010c851db9a68768a2ab7c1e05ed28195e6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:32 GMT
last-modified
Wed, 10 Jan 2024 02:11:40 GMT
server
nginx
etag
"659dfcdc-f31f"
vary
Accept
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
62239
expires
Tue, 21 Jan 2025 16:16:32 GMT
filipe-luis-embarque-flamengo-x-sao-paulo-brasileirao.jpg
colunadofla.com/wp-content/uploads/2023/12/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://colunadofla.com/wp-content/uploads/2023/12/filipe-luis-embarque-flamengo-x-sao-paulo-brasileirao.jpg
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
be4d1ef2273f2926eb6b68c83354d78367d45038b551a4ef69c92cea2fad16bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:32 GMT
last-modified
Tue, 05 Dec 2023 18:08:51 GMT
server
nginx
etag
"656f6733-dfdb"
vary
Accept
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
57307
expires
Tue, 21 Jan 2025 16:16:32 GMT
elenco-comemorando-gol-philadelphia-unios-amistoso.jpg
colunadofla.com/wp-content/uploads/2024/01/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://colunadofla.com/wp-content/uploads/2024/01/elenco-comemorando-gol-philadelphia-unios-amistoso.jpg
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
26c6f50cb469395333f4d73b569af05aa27b786e731c3760882ee27f34eb6046

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:32 GMT
last-modified
Sun, 21 Jan 2024 20:55:38 GMT
server
nginx
etag
"65ad84ca-a5b1"
vary
Accept
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
42417
expires
Tue, 21 Jan 2025 16:16:32 GMT
festa-torcida-maracana-flamengo-x-atletico-mg.jpg
colunadofla.com/wp-content/uploads/2023/11/ 		287 KB
288 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://colunadofla.com/wp-content/uploads/2023/11/festa-torcida-maracana-flamengo-x-atletico-mg.jpg
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
0985bf9b257363200e40708247b194352c42a5869820b522c7f8d05949026c55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:32 GMT
last-modified
Wed, 29 Nov 2023 12:48:04 GMT
server
nginx
etag
"65673304-47d27"
vary
Accept
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
294183
expires
Tue, 21 Jan 2025 16:16:32 GMT
mario-jorge-flamengo.jpg
colunadofla.com/wp-content/uploads/2024/01/ 		171 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://colunadofla.com/wp-content/uploads/2024/01/mario-jorge-flamengo.jpg
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
20f2a2a55eece0eac1b422599e89ab8c19bf06e64f38580c40e8519c664d54fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:32 GMT
last-modified
Mon, 22 Jan 2024 12:05:50 GMT
server
nginx
etag
"65ae5a1e-2abd7"
vary
Accept
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
175063
expires
Tue, 21 Jan 2025 16:16:32 GMT
arrascaeta-flamengo-audax-carioca.jpg
colunadofla.com/wp-content/uploads/2024/01/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://colunadofla.com/wp-content/uploads/2024/01/arrascaeta-flamengo-audax-carioca.jpg
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
1fc5ad13b04dfb7a0f29f735a67003d71d8f34966a7a74522c1cf7898e331f43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:32 GMT
last-modified
Fri, 19 Jan 2024 02:41:46 GMT
server
nginx
etag
"65a9e16a-8821"
vary
Accept
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
34849
expires
Tue, 21 Jan 2025 16:16:32 GMT
chamada-marketing-whatsapp.webp
colunadofla.com/wp-content/uploads/2023/06/ 		161 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://colunadofla.com/wp-content/uploads/2023/06/chamada-marketing-whatsapp.webp
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.238.20 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br86.serverdo.in
Software
nginx /
Resource Hash
1a4b902ac54ad650b9a769f13341e985de506c4ca0e4cd6d6c4b0f36d61a6573

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Jan 2024 16:16:32 GMT
last-modified
Wed, 28 Jun 2023 05:26:10 GMT
server
nginx
etag
"649bc472-28346"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
164678
expires
Tue, 21 Jan 2025 16:16:32 GMT
e2d4e686547fbf27e732.png
ad.webads.media/images/delivery/ Frame 2FF4 		928 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.webads.media/images/delivery/e2d4e686547fbf27e732.png
Requested by
Host: ad.webads.media
URL: https://ad.webads.media/deliver/pixel/6f5a0f84a967110
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.203.19.36 Tettnang, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.36.19.203.116.clients.your-server.de
Software
nginx /
Resource Hash
31489288e85672dcc3dfb19e97f035fbef57b28ee36021a93de30463cc92cae3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.webads.media/deliver/pixel/6f5a0f84a967110
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Mon, 22 Jan 2024 16:16:32 GMT
Last-Modified
Mon, 31 Oct 2022 17:26:55 GMT
Server
nginx
ETag
"6360055f-3a0"
Content-Type
image/png
Cache-Control
max-age=172800, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
928
Expires
Wed, 24 Jan 2024 16:16:32 GMT
web
onesignal.com/api/v1/sync/84193562-f5d2-4dc4-a8e3-25ca4d6c4d2a/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/84193562-f5d2-4dc4-a8e3-25ca4d6c4d2a/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eefcc491168e6bebf37b7ad06fadfbc5f3ad2a2fa1f6b9fd4368830f472e4eb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:32 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
d3120218-f6ef-44a8-a700-0403a7427acd
x-runtime
0.043861
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"2eefcc491168e6bebf37b7ad06fadfbc"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
84991a1b0d0a1c60-FRA
access-control-allow-headers
SDK-Version
expires
Mon, 22 Jan 2024 17:16:32 GMT
clarity.js
www.clarity.ms/s/0.7.20/ 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/huxbalp2s6?ref=gtm2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:32 GMT
content-encoding
br
last-modified
Thu, 18 Jan 2024 15:10:56 GMT
etag
W/"0x8DC1837ABBF2420"
vary
Accept-Encoding
x-azure-ref
20240122T161632Z-88v9mh8zxx7sm0pdqm5y14q9ts00000000z0000000017557
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
21cd6617-801e-0077-7baf-4bfb4f000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:32 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
246
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
84991a1ba9c668fe-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Wed, 21 Feb 2024 16:16:32 GMT
icon
onesignal.com/api/v1/apps/84193562-f5d2-4dc4-a8e3-25ca4d6c4d2a/ 		44 B
708 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/84193562-f5d2-4dc4-a8e3-25ca4d6c4d2a/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:32 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
content-length
44
x-xss-protection
1; mode=block
x-request-id
54717621-e036-44c8-a47d-ab2701634a8c
x-runtime
0.012874
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"e51140cdcd044ad76335646936ec5319"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
accept-ranges
bytes
cf-ray
84991a1c3c8a8fe0-FRA
access-control-allow-headers
SDK-Version
collect
t.clarity.ms/ 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://colunadofla.com
Date
Mon, 22 Jan 2024 16:16:33 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
truncated
/ 		582 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
prebid.js
tags.denakop.com/ 		323 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.denakop.com/prebid.js
Requested by
Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/colunadofla.js?cachebust=1705940192201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca6f07ec1368dbc869318144688deac0eca76f09553a468c942c2d9a227ca4f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 03 Oct 2023 13:24:20 GMT
server
cloudflare
age
1474
cf-polished
origSize=330936
etag
W/"651c1604-50cb8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
84991a1f0cbd383c-FRA
alt-svc
h3=":443"; ma=86400
pub-5822243610880583
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-5822243610880583?ers=1
Requested by
Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/colunadofla.js?cachebust=1705940192201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8646c1db3a90c0f44884813424a81365a68e1a6b8597d8051798aed6eea890d5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FLonDK-P7uv5lrdmJmPHig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-security-policy
script-src 'report-sample' 'nonce-FLonDK-P7uv5lrdmJmPHig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		377 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/colunadofla.js?cachebust=1705940192201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38105aac42d1610743fba1feb58227a93739e52333b57597bd988ae71dad6353
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132425
x-xss-protection
0
expires
Mon, 22 Jan 2024 16:16:33 GMT
js
www.googletagmanager.com/gtag/ 		276 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P70CXNKW5H
Requested by
Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/colunadofla.js?cachebust=1705940192201
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
215f7359036ccc412e703af5be1462f44cdf84aa907782a3b35d307cd46df68e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93278
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 Jan 2024 16:16:33 GMT
js
www.googletagmanager.com/gtag/ 		276 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P70CXNKW5H&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-60738862-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
90bd2d967051c98f6c3af6c56132e92a81470be38cc6a3826114e1833060d646
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93293
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 Jan 2024 16:16:33 GMT
t3m.js
tags.t.tailtarget.com/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-11382-4/CT-1249
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
6fdd4e9b40aca531e10530f776c3fbb6ef8c74d360d93a75a23cb22153fbecbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 14:53:35 GMT
content-encoding
gzip
via
1.1 google
age
4978
x-guploader-uploadid
ABPtcPr9uuR_1nvCsKX_SbXloBSP1D8C_LQhJIbRCJ3BKpEOuIHfhNq_fbR92Kae8x_7ZWetT5gviCM7QA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6184
last-modified
Thu, 19 Dec 2019 17:12:55 GMT
server
nginx/1.8.1
etag
"0aa924c986b60c68345be2b644a237df"
vary
Accept-Encoding
x-goog-generation
1576775575233105
x-goog-hash
md5=CqkkyYa2DGg0W+K2RKI33w==
content-type
application/javascript
cache-control
max-age=7200,public
x-goog-stored-content-length
6184
accept-ranges
bytes
expires
Mon, 22 Jan 2024 16:53:35 GMT
prebid.js
tags.juicebarads.com/js/ 		328 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.juicebarads.com/js/prebid.js
Requested by
Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/colunadofla.js?cachebust=1705940192201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.89.238.88 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br204.serverdo.in
Software
nginx /
Resource Hash
c5c3526917e554524ba76f85f768fb11ef858a9f4316b787496812580d4886c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options “DENY”
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Wed, 10 Jan 2024 19:37:26 GMT
server
nginx
content-encoding
gzip
etag
W/"659ef1f6-51e73"
vary
Accept-Encoding
x-frame-options
“DENY”
content-type
application/javascript
x-xss-protection
1; mode=block
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P70CXNKW5H&gtm=45je41h0v9121861011&_p=1705940191534&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1599854402.1705940192&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705940193&sct=1&seg=0&dl=https%3A%2F%2Fcolunadofla.com%2F&dt=Flamengo%20%7C%20Not%C3%ADcias%2C%20jogos%20e%20v%C3%ADdeos&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3454
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P70CXNKW5H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxXzWWIH1Rm7Fh7fGuzOk0nMwLdlPWJ6jRroho50GPWILIfxbtF0cZcv7cTAN5ghP0-NNbR64qBlk2xKieu80sFMWT71o7nHLFr9p5tM9uX_DVfwF65uY2zI2GhrPDBdoS2-j5eadw==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXzWWIH1Rm7Fh7fGuzOk0nMwLdlPWJ6jRroho50GPWILIfxbtF0cZcv7cTAN5ghP0-NNbR64qBlk2xKieu80sFMWT71o7nHLFr9p5tM9uX_DVfwF65uY2zI2GhrPDBdoS2-j5eadw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1OTQwMTkzLDIxMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9jb2x1bmFkb2ZsYS5jb20vIixudWxsLFtbOCwia2hKdkRlRnNtYlEiXSxbOSwiZGUiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.khJvDeFsmbQ.es5.O/am=wA/d=1/rs=AJlcJMwJ9BA3wRA87nRKq-wcXLDPRM5jiw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9875805105555fce0ea7336f32bb53232dab4913d49ead3628cecb5a63134517
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hrEczG1AbclxaSttk8smeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-security-policy
script-src 'report-sample' 'nonce-hrEczG1AbclxaSttk8smeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		35 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=294181521280792&correlator=331221524920723&eid=31080584%2C31080521%2C31079724&output=ldjh&gdfp_req=1&vrg=202401170101&ptt=17&impl=fifs&iu_parts=21715141650%3A22515816402%2Ccolunadofla.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=1&didk=99964827&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705940193223&lmt=1705940193&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcolunadofla.com%2F&vis=1&psz=1600x-1&msz=1600x-1&fws=516&ohw=1600&ga_vid=1599854402.1705940192&ga_sid=1705940193&ga_hid=759708928&ga_fc=true&dlt=1705940191519&idt=916&prev_scp=site%3Dcolunadofla%26place%3Ddm-sticky%26sm%3Ds&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=1861204021&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e9dfe40d41586accab5e3019f91cdcc3ce67b70579842047bb412d17cc1b409
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:35 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13366
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=294181521280792&correlator=331221524920723&eid=31080584%2C31080521%2C31079724&output=ldjh&gdfp_req=1&vrg=202401170101&ptt=17&impl=fifs&iu_parts=21715141650%3A22515816402%2Ccolunadofla.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=2&didk=3118911255&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705940193228&lmt=1705940193&adxs=1030&adys=180&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcolunadofla.com%2F&vis=1&psz=350x250&msz=350x0&fws=4&ohw=350&ga_vid=1599854402.1705940192&ga_sid=1705940193&ga_hid=759708928&ga_fc=true&dlt=1705940191519&idt=916&prev_scp=site%3Dcolunadofla%26place%3Ddmh-v-sidebar1&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=4175623571&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
39ac5f1027bcaf08d58abeadaef1d1a3f960334631e7dff4c87b470954fe7e2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10268
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		110 KB
45 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=294181521280792&correlator=331221524920723&eid=31080584%2C31080521%2C31079724&output=ldjh&gdfp_req=1&vrg=202401170101&ptt=17&impl=fifs&iu_parts=21715141650%3A22515816402%2Ccolunadofla.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=350x50&ifi=3&didk=3118911252&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705940193230&lmt=1705940193&adxs=1005&adys=196&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcolunadofla.com%2F&vis=1&psz=350x250&msz=350x0&fws=4&ohw=350&ga_vid=1599854402.1705940192&ga_sid=1705940193&ga_hid=759708928&ga_fc=true&dlt=1705940191519&idt=916&prev_scp=site%3Dcolunadofla%26place%3Ddmh-v-sidebar2&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=4268202871&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3245bffb513edafcce8abd7e2d303a891cd060e39d029bcc1873d3c2a9da1e2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45556
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=294181521280792&correlator=331221524920723&eid=31080584%2C31080521%2C31079724&output=ldjh&gdfp_req=1&vrg=202401170101&ptt=17&impl=fifs&iu_parts=21715141650%3A22515816402%2Ccolunadofla.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=4&didk=3118911253&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705940193231&lmt=1705940193&adxs=1055&adys=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcolunadofla.com%2F&vis=1&psz=300x1633&msz=300x250&fws=516&ohw=300&ga_vid=1599854402.1705940192&ga_sid=1705940193&ga_hid=759708928&ga_fc=true&dlt=1705940191519&idt=916&prev_scp=site%3Dcolunadofla%26place%3Ddmh-v-sidebar3&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=4175623573&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70242fa4fc32014697cfb3f0354b1464db9d118b5f5bd9d9ce5e0005258fbeca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10259
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		60 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=294181521280792&correlator=331221524920723&eid=31080584%2C31080521%2C31079724&output=ldjh&gdfp_req=1&vrg=202401170101&ptt=17&impl=fifs&iu_parts=21715141650%3A22515816402%2Ccolunadofla.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=5&didk=3299781287&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705940193232&lmt=1705940193&adxs=275&adys=1123&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcolunadofla.com%2F&vis=1&psz=360x313&msz=360x0&fws=4&ohw=360&ga_vid=1599854402.1705940192&ga_sid=1705940193&ga_hid=759708928&ga_fc=true&dlt=1705940191519&idt=916&prev_scp=site%3Dcolunadofla%26place%3Ddmh-v-destaque1&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=1510524526&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f0316fc8452da46add24d4b481940a02fc19adcb04b9e6718714fa74ad60051
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:36 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14553
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://colunadofla.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		91 KB
42 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=294181521280792&correlator=331221524920723&eid=31080584%2C31080521%2C31079724&output=ldjh&gdfp_req=1&vrg=202401170101&ptt=17&impl=fifs&iu_parts=21715141650%3A22515816402%2Ccolunadofla.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=6&didk=2426049261&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705940193233&lmt=1705940193&adxs=275&adys=1848&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcolunadofla.com%2F&vis=1&psz=360x313&msz=360x0&fws=4&ohw=360&ga_vid=1599854402.1705940192&ga_sid=1705940193&ga_hid=759708928&ga_fc=true&dlt=1705940191519&idt=916&prev_scp=site%3Dcolunadofla%26place%3Ddmh-v-par1&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=3428748908&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ff902cb97f360fdfd00e9cb012ff782303ff800cb1ddfff8cd9534cc704c74b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:37 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42834
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		109 KB
44 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=294181521280792&correlator=331221524920723&eid=31080584%2C31080521%2C31079724&output=ldjh&gdfp_req=1&vrg=202401170101&ptt=17&impl=fifs&iu_parts=21715141650%3A22515816402%2Ccolunadofla.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=7&didk=2426049260&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705940193234&lmt=1705940193&adxs=275&adys=2556&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcolunadofla.com%2F&vis=1&psz=360x334&msz=360x0&fws=4&ohw=360&ga_vid=1599854402.1705940192&ga_sid=1705940193&ga_hid=759708928&ga_fc=true&dlt=1705940191519&idt=916&prev_scp=site%3Dcolunadofla%26place%3Ddmh-v-par2&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=3428748909&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec845791aeb058de2649747b2d5fe37fe2e5aff507b67cc62266b4852f933032
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45060
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=294181521280792&correlator=331221524920723&eid=31080584%2C31080521%2C31079724&output=ldjh&gdfp_req=1&vrg=202401170101&ptt=17&impl=fifs&iu_parts=21715141650%3A22515816402%2Ccolunadofla.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=8&didk=2426049263&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705940193235&lmt=1705940193&adxs=275&adys=3285&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcolunadofla.com%2F&vis=1&psz=360x349&msz=360x0&fws=4&ohw=360&ga_vid=1599854402.1705940192&ga_sid=1705940193&ga_hid=759708928&ga_fc=true&dlt=1705940191519&idt=916&prev_scp=site%3Dcolunadofla%26place%3Ddmh-v-par3&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=3428748910&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2597376ff0aa821df542df988e9f0b0bdc84b358855ecda37c80aaf34db2adf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:36 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11566
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		60 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=294181521280792&correlator=331221524920723&eid=31080584%2C31080521%2C31079724&output=ldjh&gdfp_req=1&vrg=202401170101&ptt=17&impl=fifs&iu_parts=21715141650%3A22515816402%2Ccolunadofla.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C300x250%7C336x280&ifi=9&didk=3299781286&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705940193236&lmt=1705940193&adxs=256&adys=3648&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcolunadofla.com%2F&vis=1&psz=1140x5073&msz=728x0&fws=4&ohw=728&ga_vid=1599854402.1705940192&ga_sid=1705940193&ga_hid=759708928&ga_fc=true&dlt=1705940191519&idt=916&prev_scp=site%3Dcolunadofla%26place%3Ddmh-v-destaque2&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=926198616&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
128130c4ddda9b91546695f014149bc57d2acc8b698985bebe3602b8aa6e7d1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:36 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14599
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://colunadofla.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		190 KB
53 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=294181521280792&correlator=331221524920723&eid=31080584%2C31080521%2C31079724&output=ldjh&gdfp_req=1&vrg=202401170101&ptt=17&impl=fifs&iu_parts=21715141650%3A22515816402%2Ccolunadofla.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=10&didk=2895817028&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1705940193237&lmt=1705940193&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcolunadofla.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1599854402.1705940192&ga_sid=1705940193&ga_hid=759708928&ga_fc=true&dlt=1705940191519&idt=916&prev_scp=site%3Dcolunadofla%26place%3Dinterstitial&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=587538470&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
197c59bab4312d499aefeeaa8d93c57f65c422db6e8e040b4d1f747d008d3c01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:35 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53830
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AEE8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://colunadofla.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:16:33 GMT
expires
Tue, 21 Jan 2025 16:16:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl_page_level_ads.js?cb=31080521
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37fccb1c28e7bf54c11bec26a3ba55cc10f901b138fbd21aad32ef3578229da8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 12:37:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
13137
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13860
x-xss-protection
0
server
cafe
etag
12722142586417172404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 21 Jan 2025 12:37:36 GMT
prebid
ib.adnxs.com/ut/v3/ 		50 B
741 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
an-x-request-uuid
3557c183-80dc-4ead-96a6-0b6f09e50a07
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://colunadofla.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.215.131; 217.114.215.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
50
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
337 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:32 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://colunadofla.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:32 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://colunadofla.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:32 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://colunadofla.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://colunadofla.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://colunadofla.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:32 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://colunadofla.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://colunadofla.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://colunadofla.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://colunadofla.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		303 B
644 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=2&rf=https%3A%2F%2Fcolunadofla.com%2F&tg_i.domain=colunadofla.com&tg_i.page=https%3A%2F%2Fcolunadofla.com%2F&tk_flint=pbjs_lite_v8.17.0&l_pb_bid_id=223c803d11233b4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4988036956325457
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e1b5a7cc494f490beb0d17f0aef199fc399f6853d7a35f28c39ae15a583cce6c

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
303
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		324 B
665 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fcolunadofla.com%2F&tg_i.domain=colunadofla.com&tg_i.page=https%3A%2F%2Fcolunadofla.com%2F&tk_flint=pbjs_lite_v8.17.0&l_pb_bid_id=23b53e934f32438&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.09434394451548722
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ec3ae32aa8896c5c1df88bc8342fe3a58d6e83bc02cb8511126dc6d314b8c8be

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
324
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		324 B
665 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fcolunadofla.com%2F&tg_i.domain=colunadofla.com&tg_i.page=https%3A%2F%2Fcolunadofla.com%2F&tk_flint=pbjs_lite_v8.17.0&l_pb_bid_id=25cbe30e46fb0df&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5395294341903989
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4da9f9f876a19f081e2471300deb0e414a5a4cecfac55b0619c7b1238565b479

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
324
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		324 B
665 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fcolunadofla.com%2F&tg_i.domain=colunadofla.com&tg_i.page=https%3A%2F%2Fcolunadofla.com%2F&tk_flint=pbjs_lite_v8.17.0&l_pb_bid_id=26476977a254bab&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9209157796451468
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6da805276a266f21e76a3baa90927665780099aed2a27c83befeddda91f14123

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
324
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		324 B
666 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fcolunadofla.com%2F&tg_i.domain=colunadofla.com&tg_i.page=https%3A%2F%2Fcolunadofla.com%2F&tk_flint=pbjs_lite_v8.17.0&l_pb_bid_id=27f0cfa6f88b329&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6289416257602232
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f0d90e81a2ff97160fb785b159680eea315316d332fc2e3b135addfb758693f0

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
324
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		324 B
840 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fcolunadofla.com%2F&tg_i.domain=colunadofla.com&tg_i.page=https%3A%2F%2Fcolunadofla.com%2F&tk_flint=pbjs_lite_v8.17.0&l_pb_bid_id=283c52d717e8bb4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3139737968517695
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f3624b2e2adf3efa4e37fefeb6dd825564ead1acd29077a34f15ef5cce28d57a

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
324
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		324 B
665 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fcolunadofla.com%2F&tg_i.domain=colunadofla.com&tg_i.page=https%3A%2F%2Fcolunadofla.com%2F&tk_flint=pbjs_lite_v8.17.0&l_pb_bid_id=29c050e2199beb6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.0815002795999138
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
55702ad7bd542f20600a014e59b095828e4c2df0860b2ee4707b298732acb175

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
324
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		326 B
667 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=15&alt_size_ids=2%2C16&rf=https%3A%2F%2Fcolunadofla.com%2F&tg_i.domain=colunadofla.com&tg_i.page=https%3A%2F%2Fcolunadofla.com%2F&tk_flint=pbjs_lite_v8.17.0&l_pb_bid_id=30a0f730b9eaf7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4745486070196694
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
cb9ab788552ddfdb7e7c60a6585515bbd307e452183b311ecfae1b7ba66824e6

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
326
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid-request
onetag-sys.com/ 		15 B
412 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://colunadofla.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
178 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://colunadofla.com
date
Mon, 22 Jan 2024 16:16:33 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CE77C39BDACB4A558FC17015DA3FA71C&RedC=c.clarity.ms&MXFR=232419580EBE6C1C39090D560ABE629B
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CE77C39BDACB4A558FC17015DA3FA71C&MUID=0D74168E42E26CD418090280434E6D3F
42 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CE77C39BDACB4A558FC17015DA3FA71C&MUID=0D74168E42E26CD418090280434E6D3F
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
last-modified
Wed, 10 Jan 2024 21:11:32 GMT
server
Microsoft-IIS/10.0
etag
"d765ee95944da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 09B322974E074F3F94FA4C4F4DCA6DA2 Ref B: FRA31EDGE0808 Ref C: 2024-01-22T16:16:33Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CE77C39BDACB4A558FC17015DA3FA71C&MUID=0D74168E42E26CD418090280434E6D3F
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
conversion.js
d.tailtarget.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 21:41:03 GMT
content-encoding
gzip
age
66930
x-guploader-uploadid
ABPtcPp_-hQbF2zOgWa3ukOLlslOL7DG8pjvKCWsPK4uxI6XMbH6Zrnnn-lK0jMp5lNrDE7qRDQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6116
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"c39451e5dec2be7fc7d6df76b55be662"
x-goog-hash
crc32c=SdVkEQ==, md5=w5RR5d7Cvn/H1t92tVvmYg==
x-goog-generation
1694696370171925
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6116
accept-ranges
bytes
expires
Mon, 22 Jan 2024 21:41:03 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401170101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d3cffbe32249c8aae52dbfaa3d5c3edbf86e42e73bdb48538a9170cedc3c6af7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12116
x-xss-protection
0
rt.js
rtads.s3.sa-east-1.amazonaws.com/ 		18 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtads.s3.sa-east-1.amazonaws.com/rt.js?hash=3b3465aa4b7ae7631900e5ab3dbd7fe2&t=2
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.234.115 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4abba191223d78eea7532e5b14e836b24b4a391ae8039f4ef76fe6a68cbd9970

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 16:16:35 GMT
Last-Modified
Sat, 18 Nov 2023 09:52:10 GMT
Server
AmazonS3
x-amz-request-id
6M0RGCQ1PQGAS120
ETag
"fd84f00dd606142dc5ddc9236258b86e"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
18744
x-amz-id-2
2qfbQDuLDZqHeMBfhzbO/67wXhRPqQNJt7CGHW0CHt6etYgyKiQ+/G3S/OdQ68D5vATFjWk0jZStfUPklXem9Q==
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-30.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 03:16:31 GMT
content-encoding
gzip
via
1.1 841da31399fe7f7e7065c840a22fae0a.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P1
age
46896
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
3xDCT4NYZqwlVWhKgZP1phPD5IceX7silzKw8EF2Bo2gjZTcdI9oZw==
t3m.js
tags.t.tailtarget.com/ 		73 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
6c22bbed0afe926a4ad7941291775e6b212006a5d26a720b253a8c028c870cd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 15:25:09 GMT
content-encoding
gzip
via
1.1 google
age
3084
x-guploader-uploadid
ABPtcPr1BpOwaaKHLm-A5v358EGVvHnBMF3ocxaD2fC5rIZVXTtA6e4AK255aobkXCu_1v_6yVQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21234
last-modified
Wed, 13 Sep 2023 13:22:21 GMT
server
nginx/1.8.1
etag
"13721cc7c233ffe3299c16c1f82c8394"
vary
Accept-Encoding
x-goog-generation
1694611341874847
x-goog-hash
md5=E3Icx8Iz/+MpnBbB+CyDlA==
content-type
application/javascript
cache-control
max-age=7200,public
x-goog-stored-content-length
21234
accept-ranges
bytes
expires
Mon, 22 Jan 2024 17:25:09 GMT
js
www.googletagmanager.com/gtag/ 		204 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-931232517
Requested by
Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
000ece53b2387a99f868ac9944969bf7e35932c25515f8c1c1891d3cc8bb4291
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74853
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 Jan 2024 16:16:33 GMT
js
www.googletagmanager.com/gtag/ 		230 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-814785950
Requested by
Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7e94ac307f582667740067e3a7b956f8a7a3e682ba23d0a54e653641f01d41be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81233
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 Jan 2024 16:16:33 GMT
js
www.googletagmanager.com/gtag/ 		230 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-814785950&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-60738862-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eff1143779f056e4bb4193933d2145a8f54fe7d9788407253a0c0eb70fffd110
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81339
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 Jan 2024 16:16:33 GMT
js
www.googletagmanager.com/gtag/ 		230 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-801247112
Requested by
Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c237d08b31ee7882d5eb58e69ac94a479b4bdfd0bdb4bf04f91c37effad0fb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81312
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 Jan 2024 16:16:33 GMT
js
www.googletagmanager.com/gtag/ 		230 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-801247112&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-60738862-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
60ebd54f8b161fc21ec650f7d074c95eacbdf19bd617a70bae78e1aae631ecbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81262
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 Jan 2024 16:16:33 GMT
js
www.googletagmanager.com/gtag/ 		196 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-60738862-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fcc44d3c728207cad27ff18bd94adec286d757eec477f0512d5c34b5a41efd66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72594
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 Jan 2024 16:16:33 GMT
container.html
48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4C61 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://colunadofla.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:16:33 GMT
expires
Tue, 21 Jan 2025 16:16:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
base.js
d.tailtarget.com/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 08:28:25 GMT
content-encoding
gzip
age
28088
x-guploader-uploadid
ABPtcPqBURRUsmlkInGaw3bq-2OX50R5UP_T2l7oQE6a2PGZl8CYVgKTzp67y195c-h7gpcfdmfd9I9_Dg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8334
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"20de3c90b2d9541b062276e079f0eaa7"
x-goog-hash
crc32c=yMCztg==, md5=IN48kLLZVBsGInbgefDqpw==
x-goog-generation
1694696370056280
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8334
accept-ranges
bytes
expires
Tue, 23 Jan 2024 08:28:25 GMT
trk
tt-9964-3.seg.t.tailtarget.com/ 		70 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tt-9964-3.seg.t.tailtarget.com/trk?tA=TT-9964-3&tJ=_channel:r7-cas-alimentacaosaudavel:1|_channel:r7-cas-int-em-livros:1|_channel:r7-visao-geral:1&tK=1705940194&tM=direct&tL=direct&tN=direct&tY=3&tZ=648397470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
cache-control
no-cache, private, proxy-revalidate
content-disposition
inline
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
b
sb.scorecardresearch.com/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=14194541&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1705940193761&ns_c=UTF-8&c7=https%3A%2F%2Fcolunadofla.com%2F&c8=Flamengo%20%7C%20Not%C3%ADcias%2C%20jogos%20e%20v%C3%ADdeos&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-30.zrh55.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
via
1.1 841da31399fe7f7e7065c840a22fae0a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
ZRH55-P1
x-amz-cf-id
lHheG518DaaQN55hnZcDo5o2wJJxN1O4hl6dCZetXRMJrwnxk3NlDQ==
x-cache
Miss from cloudfront
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/?random=1705940193772&cv=11&fst=1705940193772&bg=ffffff&guid=ON&async=1&gtm=45be41h0v887832856&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fcolunadofla.com%2F&hn=www.googleadservices.com&frm=0&tiba=Flamengo%20%7C%20Not%C3%ADcias%2C%20jogos%20e%20v%C3%ADdeos&auid=1593730856.1705940194&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-814785950&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42a26146ae91a29d6f31a955b4d1ed23e36ae77bbdafb5467d24db269345a667
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1300
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Jan 2024 16:16:33 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 582E 		624 B
557 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOfqm4MCMAE&v=APEucNWoCOc-1Ypt0A8z2DVg8vgiUbqGl4CMidatCxAKgUXt1O2x9m0lYXQ0pXpa03CvTNWwEKHnUzSwNSRorBjmCzGvEmFHSQXIlYQd88nhzuC8IADaj6K5qa6T_lBkA0QWm3v39FusauE5f6LeGXek68BuNRKROkQcR1fUB7n2UFd3AaevjEHPu3pEhnxLNLgd50TymQyaL2BrkzSEShWC1-kvwSv6Gg
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:16:33 GMT
expires
Mon, 22 Jan 2024 16:16:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 4C61 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 21:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66734
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 Jan 2024 21:44:19 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 4C61 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:37:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
77925
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:37:48 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 4C61 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
78265
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:32:08 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 4C61 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 17:14:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
428505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 17:14:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 4C61 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 09:41:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
23708
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 09:41:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 4C61 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:29:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
78436
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:29:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C61 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DJySF9m-985Lt1g1cWHBI7gFVHJynswsbsoaOCN4nHNCgtTZ-rLkFKke7Lv_TSeSZ6QcWhyF4kI4CsVnQvbkoLSLiVN52OSFtB7yWEIICkM2-xYDQ
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4C61 		206 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 16:16:33 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/?random=1705940193812&cv=11&fst=1705940193812&bg=ffffff&guid=ON&async=1&gtm=45be41h0v876458346&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fcolunadofla.com%2F&hn=www.googleadservices.com&frm=0&tiba=Flamengo%20%7C%20Not%C3%ADcias%2C%20jogos%20e%20v%C3%ADdeos&auid=1593730856.1705940194&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801247112
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2d000d8f2a825432b6b20b09c894946c5ef626366b546db9c0397ad7da75089
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1302
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
u
b.t.tailtarget.com/ 		76 B
315 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/u?env=_ttq_tteurekaads
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
0ad2c35b5c6285b74710e2e953b699ea781dcd49b455cf38eab359cc96db6baa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
u
b.t.tailtarget.com/ 		54 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/u?
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
621a52a805a8bf400ad1153b715536d6e6f34c87a047ebb33eeff3129af31581

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/?random=1705940193830&cv=11&fst=1705940193830&bg=ffffff&guid=ON&async=1&gtm=45be41h0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fcolunadofla.com%2F&hn=www.googleadservices.com&frm=0&tiba=Flamengo%20%7C%20Not%C3%ADcias%2C%20jogos%20e%20v%C3%ADdeos&auid=1593730856.1705940194&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5feb0418f2fa206c78b1da503b3f14ee8852ad25956f30c6db1ca92046badc8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 4C61 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14f146cd51b8689ecc324ea735199d3f90998a9075ae9ada58b40849e5ccb68b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 2FE0 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
428505
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 17:14:48 GMT
expires
Thu, 16 Jan 2025 17:14:48 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EBAE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://colunadofla.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
23680
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 09:41:53 GMT
expires
Tue, 21 Jan 2025 09:41:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5504 		829 B
997 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2dbf0033c76d6c789cce7caa4dee2f95a16d6582f6081e6d22d5d466ad48eb87
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cVqU5NCw8cbM50sHsDqpYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://colunadofla.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-cVqU5NCw8cbM50sHsDqpYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:16:33 GMT
expires
Mon, 22 Jan 2024 16:16:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame 582E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1&C=1
43 B
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOfqm4MCMAE&v=APEucNWoCOc-1Ypt0A8z2DVg8vgiUbqGl4CMidatCxAKgUXt1O2x9m0lYXQ0pXpa03CvTNWwEKHnUzSwNSRorBjmCzGvEmFHSQXIlYQd88nhzuC8IADaj6K5qa6T_lBkA0QWm3v39FusauE5f6LeGXek68BuNRKROkQcR1fUB7n2UFd3AaevjEHPu3pEhnxLNLgd50TymQyaL2BrkzSEShWC1-kvwSv6Gg
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1IMXOFW0Cpmohz%2F%2BudrK3rBRVw0PTIZPy3RuYK4mqh2ukY9sahlD5irU3AfoBvtfslV%2BgFvH%2FRaDl8yl24TzdwKFt9l8hlF%2FfKBgUP%2BbgAi09InDErYHOwtkFiGWeyHMmgGxjG88iMPHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84991a24da382671-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rq0edDiANAb1QAuttn%2FkWasNrG%2FfDCy7CSVz6n%2FY4CbSH8xgYAUHd5z0B2i%2BnUw7VcEZqgW3HccLBtqjWpQyJwGG9%2BW0VGnTxaisR7Kh6jSaCnbPGs4oq0xZYuMOuuCPsr1yg70DFKERSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1&C=1
cache-control
no-cache
cf-ray
84991a246c612685-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 582E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za6U4ZN7oIWYpN0MSEQ1kAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOfqm4MCMAE&v=APEucNWoCOc-1Ypt0A8z2DVg8vgiUbqGl4CMidatCxAKgUXt1O2x9m0lYXQ0pXpa03CvTNWwEKHnUzSwNSRorBjmCzGvEmFHSQXIlYQd88nhzuC8IADaj6K5qa6T_lBkA0QWm3v39FusauE5f6LeGXek68BuNRKROkQcR1fUB7n2UFd3AaevjEHPu3pEhnxLNLgd50TymQyaL2BrkzSEShWC1-kvwSv6Gg
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmTT1X0geLvcNSUPrWaB%2BubKWcdbPzWuaLFOBaPVsIfc1AiCbRZyF5VfMSELnmid13AxOPhCXZD4qFYtEBNfKu214iLZzVcME3m08b7BpUcDK%2BOLw1s6immvGWNNTxNtHmvPcLsAOacFPg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84991a252af22671-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 582E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIcvZB41U-A7JknQjC4Xb7M&google_cver=1
43 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIcvZB41U-A7JknQjC4Xb7M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOfqm4MCMAE&v=APEucNWoCOc-1Ypt0A8z2DVg8vgiUbqGl4CMidatCxAKgUXt1O2x9m0lYXQ0pXpa03CvTNWwEKHnUzSwNSRorBjmCzGvEmFHSQXIlYQd88nhzuC8IADaj6K5qa6T_lBkA0QWm3v39FusauE5f6LeGXek68BuNRKROkQcR1fUB7n2UFd3AaevjEHPu3pEhnxLNLgd50TymQyaL2BrkzSEShWC1-kvwSv6Gg
Protocol
H2
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
an-x-request-uuid
90a13e4b-787a-41ed-ac93-55c5d98cff79
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.215.131; 217.114.215.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIcvZB41U-A7JknQjC4Xb7M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 582E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2NDE4MTQ3NDcxMjczOTk0
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2NDE4MTQ3NDcxMjczOTk0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOfqm4MCMAE&v=APEucNWoCOc-1Ypt0A8z2DVg8vgiUbqGl4CMidatCxAKgUXt1O2x9m0lYXQ0pXpa03CvTNWwEKHnUzSwNSRorBjmCzGvEmFHSQXIlYQd88nhzuC8IADaj6K5qa6T_lBkA0QWm3v39FusauE5f6LeGXek68BuNRKROkQcR1fUB7n2UFd3AaevjEHPu3pEhnxLNLgd50TymQyaL2BrkzSEShWC1-kvwSv6Gg
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
an-x-request-uuid
f81b9722-60ee-4eb1-8704-aca9bd4b85ec
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2NDE4MTQ3NDcxMjczOTk0
x-proxy-origin
217.114.215.131; 217.114.215.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adsinsert.
fundingchoicesmessages.google.com/f/AGSKWxUhTvKj5vzMkrabBEgcN32NNPPi3fI5zW2Dm_j23DuTURDHcGmiMmiJMnHkV_qV6iUjY_Wg9BjEl7Vdl7t5kK15SROqQKGyY0LBLPag1bGIFXFM3ipnARf-o9XcwpZkQ6q-AyuqaHN3LbYeq0n4L69MyJ4eS... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUhTvKj5vzMkrabBEgcN32NNPPi3fI5zW2Dm_j23DuTURDHcGmiMmiJMnHkV_qV6iUjY_Wg9BjEl7Vdl7t5kK15SROqQKGyY0LBLPag1bGIFXFM3ipnARf-o9XcwpZkQ6q-AyuqaHN3LbYeq0n4L69MyJ4eSPW-1h-jrzYhW6TVFLfxjSEM1IeneDnR/_/msn-1.js/ads/exit.-banner468x60./ad-frame./adsinsert.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.khJvDeFsmbQ.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxn6_Df_ZAdd726ZYUhIgFMFxfMig/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
488e30e6f97933448a60975b7da58f45d88092cbb46b8e123c77eece3f3c9b44
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mc8WXHuN3BHwK5bXHqvKYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-security-policy
script-src 'report-sample' 'nonce-mc8WXHuN3BHwK5bXHqvKYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KohxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwOxq_gMVl8gnhI4g3UOELdEz2CdBMRO6TNYA4D4c-YM1t9ALMTD8XDlrrVsAhv6Dm1kBgBOPFoO"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
lidar.js
pagead2.googlesyndication.com/pagead/js/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.khJvDeFsmbQ.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxn6_Df_ZAdd726ZYUhIgFMFxfMig/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9cacd70ab308f607d941cc9728d034e189506e8d020820adb112d7ff148762a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 15:33:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
2579
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31172
x-xss-protection
0
server
cafe
etag
8274047967244442607
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 22 Jan 2024 16:33:34 GMT
AGSKWxVHjVLKyLgYgP9RJOayw8LrdmOiB5flQYF2IUF90MBuxSnHAsLzxFudThOK4ivPuzsCMIlrzrGxAgkg9pWzLOsEQIXpc7SxiEml9d1cu0vLeruJQPgBtEOrgO8DQ-lKGLScOfnXMw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVHjVLKyLgYgP9RJOayw8LrdmOiB5flQYF2IUF90MBuxSnHAsLzxFudThOK4ivPuzsCMIlrzrGxAgkg9pWzLOsEQIXpc7SxiEml9d1cu0vLeruJQPgBtEOrgO8DQ-lKGLScOfnXMw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.khJvDeFsmbQ.es5.O/am=wA/d=1/rs=AJlcJMwJ9BA3wRA87nRKq-wcXLDPRM5jiw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-njvWj59SrVYo1rUOeeR8Rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-njvWj59SrVYo1rUOeeR8Rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://colunadofla.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
amt.js
attentionxyz.com/160-3c6e1570/ Frame 4C61 		134 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://attentionxyz.com/160-3c6e1570/amt.js?tagLabel=Dept_Agency_cm360&attrAdvertiser=11822513&attrCampaign=31208750&attrSite=7847497&attrPlacement=385568821&attrCreative=208026589&attrAd=576600420&attr1=%edclid!&attr2=j
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-57.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a448773f6f8d12eb078e585d58bf4f1f4e1f4dd5d62118e10a530540ace7ce69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:03:09 GMT
via
1.1 9defe0d67603d45217a1199d0f877384.cloudfront.net (CloudFront)
last-modified
Mon, 22 Jan 2024 16:01:02 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P1
age
806
etag
"9cbf84fc61ac85ad6252b9b5aae5033a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
137135
x-amz-cf-id
xcqNFj5CiV0d4-HEIlLN7JurysBXRgqjLbhNnXKibnesb6QdrCdyGw==
index.html
s0.2mdn.net/sadbundle/8949344874281304064/ Frame 8B43 		89 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c99f45ba59060acda2eadde3068025d50b2fa0f055c2a8d07fae8c61f8cd768
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
468982
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
18634
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 06:00:11 GMT
expires
Thu, 16 Jan 2025 06:00:11 GMT
last-modified
Mon, 08 Jan 2024 13:27:10 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 4C61 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvLrSSL-EC3OElU1-hNAnSaXYkXAB71LJd7mmU3OXJpLofa5yyJrLgZQJQUsW2UGUSfI_weHAJ5QhQ32BzEa2we51TFOC_V8tX_r6qRMXVVQDBwqAOdcvG8Tbtd2DOR6QYAbADzzTpP7NViLxxEzSHe9Y915eJDgIHH2k-omhoYtHGcsX7jLenbPPiTxZXVN2b14Wnfwm2z2yQblxK4YT8DmcilhxE-KR1qf27HE5tzi-xsbCK36fQ0R_2BnLaeXHRemQ4Q_69d4GtjeHkVohtnRguZeF-r1LRGYoWxxLLPkC0Sy-qRetqPHoF0dNCqdIqckSMfTeY8eWwGKatkpsWO5gx4D-aBBuSOh84okvZWPjtg447pQbEckr_cyzokBmkNtaCzAVWs8CGNrHg6YZaEpjrzQBVGwWxxHNysBQeCmIh05LcH17nmxVvBtiddqMqJ98QcJRdZvkTj8FtRTc5gRmHrFqlGQq5jSGb_s0MzyMZIUrO0uuRiOSMIEZaC1b4PjxWNy3CD2HoHj8d9nDU5BVyLp6eVJPmcVD_WpwZEXCa2WT1wC8k9pK_8fm7Lr6xlKO-1pBodWAuoH2tHYvHcNa0VhBQTazS9aFSbUqDl7afy8kgoGuxque8-dnhx9o6F2CcloMjf88SZZBSBNfORQBa2UkduntIs0TtA_YNOcUnBhdkFx_9y02n9gDOQ81i9lQLyq3P7tEgmMWlYfC3v3Z5bX6WuNX5HyII7zJGd65cpvrO2fVfHBmI57BSkc07Q5MANKL5CAIWPEcRK3xGiqnbZkBPvUHazgPJgCPF3owb7atmJb_AvJXg68E0Q0tlxd790_xuNaGlo0Zr7TMky1GlzeF14qQQDaMRB1-r1Lw8b84lt2hNorQE7qhccn7eqTz6Yqb5bbqD5CdeiqKY4MXqcqZknRrZJDV9JawXqKYf0IgR4wPnsccW91cBHGS6MYa0GnYMlKoN1z4b3BUDBGdlYVB65PZHbp38v0SVdT9lfrOP9hs2tuvGuTJe_SingZqO66xSOUJv3h8gcHUwRu1XgqrDyKnOUNCqc7QjgBoe3cMVXzhrONlRpLW354DK7auYoX3OQ6_D8-uT_hF8udkmJrKD9a81WsgK1LVsYGVMKgBrwCMp676ojKornXRLCQ9GyF7VeXgXT6TJVe-_NhG5_4WqJr8XM5BPOIyp0AD_m0nN0LE9qVK6Pk0EVUji-eS2dfF075iiRYM05_Z8ecWDtzdHy6sf2KbXtBT7ZsRAAhIb5cOE8LBgvNDACg9U7AFDWMDLLZOURPkdOaT9y5COFNHHz2KskNVGALEf7xDBvSYBmUkxfL7MptFWIs8_LWiBA5BGRdpxXFEWbeelEvphxCBbYtv3xLTE8jzFZBoiT6gb9g9yB33Y5lu-9kJELO-t0nbkXm2h7bSkYRirA5WYuqo2HbE18RLfN9RHxgw1tkypoIrjHul2J-UpuJZPVd6DxyhognsocGg&sai=AMfl-YRMDaT0Y_gAPjLlwXRZ64HQe-3tinr8Z5H9woum_Rx6dFK6pqeGzGat95ZZNME8sYcRCr5tHikGNQjr0c-P7FB_x8qt3gTn4FI8yqrt0foQjigTDU9QZJ1nBOUdabP6zl4oSoEbfam4jvD_8VRGuPvov6IbrfEg1nyVke8-eKOxr-qVUccelv3HAHvSOxYrEdzRL0DkF_PRPWTIsQVbFUyHit5YrENApJP4o9GgfU3jqVx-LAT538beiJQq9T81S6BTac9fNpPFx0YIen65mB4moY8sjAk8lJg9woeobSS1p5gE5iXCYQ-YWJ5Fr3XPhFwBlEU9EC9yVmwqWVn5r2njD4rAUamBVVIINZJCV5CH3kfZW9x8b_sYJ2t72VHSGylbjB6t3AE7uLEFxJBzuNsGg9lCLgCu5Oc9bV0Ztyzukprc48TF72IqV6MXoUK37HycafaK9VVgS3fQPrrJ2soyY4ZUs7txnjyJYRJqTXE4tnTO8Xlwh0hp1BrJZgCbbXhY6LY&sig=Cg0ArKJSzFIDrxZidqIKEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=103&cbvp=1&cstd=102&cisv=r20240118.86453&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 Jan 2024 16:16:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/814785950/ 		42 B
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/814785950/?random=1705940193772&cv=11&fst=1705939200000&bg=ffffff&guid=ON&async=1&gtm=45be41h0v887832856&u_w=1600&u_h=1200&url=https%3A%2F%2Fcolunadofla.com%2F&frm=0&tiba=Flamengo%20%7C%20Not%C3%ADcias%2C%20jogos%20e%20v%C3%ADdeos&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_nVxWEOPNCxs_F_dpGAMK57NBl-e96KhxRUr2Y5qIt8T6yv13&random=2605508921&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/814785950/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/814785950/?random=1705940193772&cv=11&fst=1705939200000&bg=ffffff&guid=ON&async=1&gtm=45be41h0v887832856&u_w=1600&u_h=1200&url=https%3A%2F%2Fcolunadofla.com%2F&frm=0&tiba=Flamengo%20%7C%20Not%C3%ADcias%2C%20jogos%20e%20v%C3%ADdeos&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_nVxWEOPNCxs_F_dpGAMK57NBl-e96KhxRUr2Y5qIt8T6yv13&random=2605508921&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/801247112/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/801247112/?random=1705940193812&cv=11&fst=1705939200000&bg=ffffff&guid=ON&async=1&gtm=45be41h0v876458346&u_w=1600&u_h=1200&url=https%3A%2F%2Fcolunadofla.com%2F&frm=0&tiba=Flamengo%20%7C%20Not%C3%ADcias%2C%20jogos%20e%20v%C3%ADdeos&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_eb3fcFZFMMKiJbdXqwsYLPkAZ8khFNcC3dYATKFBOZ1j2gwF&random=3098273751&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/801247112/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/801247112/?random=1705940193812&cv=11&fst=1705939200000&bg=ffffff&guid=ON&async=1&gtm=45be41h0v876458346&u_w=1600&u_h=1200&url=https%3A%2F%2Fcolunadofla.com%2F&frm=0&tiba=Flamengo%20%7C%20Not%C3%ADcias%2C%20jogos%20e%20v%C3%ADdeos&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_eb3fcFZFMMKiJbdXqwsYLPkAZ8khFNcC3dYATKFBOZ1j2gwF&random=3098273751&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/AW-931232517/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/AW-931232517/?random=1705940193830&cv=11&fst=1705939200000&bg=ffffff&guid=ON&async=1&gtm=45be41h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcolunadofla.com%2F&frm=0&tiba=Flamengo%20%7C%20Not%C3%ADcias%2C%20jogos%20e%20v%C3%ADdeos&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_a6x6mA_8rnyx5aMi7DNvEM3Nye-7CcLw4YZjSKf9Dwo9n2Bf&random=2961848670&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/AW-931232517/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/AW-931232517/?random=1705940193830&cv=11&fst=1705939200000&bg=ffffff&guid=ON&async=1&gtm=45be41h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcolunadofla.com%2F&frm=0&tiba=Flamengo%20%7C%20Not%C3%ADcias%2C%20jogos%20e%20v%C3%ADdeos&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_a6x6mA_8rnyx5aMi7DNvEM3Nye-7CcLw4YZjSKf9Dwo9n2Bf&random=2961848670&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 2FE0 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 10:08:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
22081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 10:08:32 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5504 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401170101&jk=294181521280792&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame EBAE 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 10:08:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
22081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 10:08:32 GMT
AGSKWxVHjVLKyLgYgP9RJOayw8LrdmOiB5flQYF2IUF90MBuxSnHAsLzxFudThOK4ivPuzsCMIlrzrGxAgkg9pWzLOsEQIXpc7SxiEml9d1cu0vLeruJQPgBtEOrgO8DQ-lKGLScOfnXMw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVHjVLKyLgYgP9RJOayw8LrdmOiB5flQYF2IUF90MBuxSnHAsLzxFudThOK4ivPuzsCMIlrzrGxAgkg9pWzLOsEQIXpc7SxiEml9d1cu0vLeruJQPgBtEOrgO8DQ-lKGLScOfnXMw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.khJvDeFsmbQ.es5.O/am=wA/d=1/rs=AJlcJMwJ9BA3wRA87nRKq-wcXLDPRM5jiw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UV-3Ku--U7DWHOoPERR2fw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UV-3Ku--U7DWHOoPERR2fw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://colunadofla.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVHjVLKyLgYgP9RJOayw8LrdmOiB5flQYF2IUF90MBuxSnHAsLzxFudThOK4ivPuzsCMIlrzrGxAgkg9pWzLOsEQIXpc7SxiEml9d1cu0vLeruJQPgBtEOrgO8DQ-lKGLScOfnXMw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVHjVLKyLgYgP9RJOayw8LrdmOiB5flQYF2IUF90MBuxSnHAsLzxFudThOK4ivPuzsCMIlrzrGxAgkg9pWzLOsEQIXpc7SxiEml9d1cu0vLeruJQPgBtEOrgO8DQ-lKGLScOfnXMw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.khJvDeFsmbQ.es5.O/am=wA/d=1/rs=AJlcJMwJ9BA3wRA87nRKq-wcXLDPRM5jiw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NAlqTtvoTuLPXzx5h4AasA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NAlqTtvoTuLPXzx5h4AasA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://colunadofla.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVHjVLKyLgYgP9RJOayw8LrdmOiB5flQYF2IUF90MBuxSnHAsLzxFudThOK4ivPuzsCMIlrzrGxAgkg9pWzLOsEQIXpc7SxiEml9d1cu0vLeruJQPgBtEOrgO8DQ-lKGLScOfnXMw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVHjVLKyLgYgP9RJOayw8LrdmOiB5flQYF2IUF90MBuxSnHAsLzxFudThOK4ivPuzsCMIlrzrGxAgkg9pWzLOsEQIXpc7SxiEml9d1cu0vLeruJQPgBtEOrgO8DQ-lKGLScOfnXMw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.khJvDeFsmbQ.es5.O/am=wA/d=1/rs=AJlcJMwJ9BA3wRA87nRKq-wcXLDPRM5jiw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6JBieHwG4pCxWyrFSypkOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-security-policy
script-src 'report-sample' 'nonce-6JBieHwG4pCxWyrFSypkOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://colunadofla.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXnUFfsaC7gInBqFXHtLr9RLSCG9eoGTU4Lv90C7Co7QlQykogAGPSs47EXZhd3z1CeLNX0JvhfbyRuwYA9QDHgeljNVot1NrZ1q4A-zaKbLDQCHEo22nHAC5rAIJ9KPttrfptR_w==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXnUFfsaC7gInBqFXHtLr9RLSCG9eoGTU4Lv90C7Co7QlQykogAGPSs47EXZhd3z1CeLNX0JvhfbyRuwYA9QDHgeljNVot1NrZ1q4A-zaKbLDQCHEo22nHAC5rAIJ9KPttrfptR_w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1OTQwMTkzLDk2MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vY29sdW5hZG9mbGEuY29tLyIsbnVsbCxbWzgsImtoSnZEZUZzbWJRIl0sWzksImRlIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.khJvDeFsmbQ.es5.O/am=wA/d=1/rs=AJlcJMwJ9BA3wRA87nRKq-wcXLDPRM5jiw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bd42904f348d43d7c0c81ca57dc95aa94f644498c4f553c66d4a6774b05e3cb5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-oE2IOA3w1OnBPXwQJA74uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:33 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-oE2IOA3w1OnBPXwQJA74uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjusCoxSXFEKAhxaAQtpPpvNMdputAfFHlKdNNIK5leMbUCsQPwp8xvQBiA43nTBZAXJD9nKkCiBn_vGDiBOKe_pdMU4D43ZeXTBxfXzJJALEaEL-TfMX0DYh3-HiwvAmfzsoWMZ31dMF01stAzFYxnZUPiOPqprPmADHfuumsmuuns245M511DxDHPJ_OmgLEi1lnsK4GYlfxGay-QDwlcAbrHCBuiZ7BOgmIndJnsAYA8efMGay_gViIh-Phyl1r2QQu7H5_gxkAYS5b7w"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame 8B43 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4526712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25280
last-modified
Wed, 28 Jun 2023 20:03:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"649c91f5-62c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VuuKAdXsgPXn6FLkuV52zwW9oOCFprhda9rPGqmnScypHPkRME6C1KIXE6pn0aELsAnihYmsGW0vetxV%2FQDzieOhO3LsoP2AA5OXpdik%2BdUdPmmCg4Kkm4NPBvpQ9yrRoDcPAvasOenC%2BuEEyGaaEKy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84991a24d8b81a86-FRA
expires
Sat, 11 Jan 2025 16:16:34 GMT
CSSRulePlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame 8B43 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/CSSRulePlugin.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6081446
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
821
last-modified
Wed, 28 Jun 2023 20:03:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"649c91f5-335"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NfQaNhlWhg%2Bw21BGheSTaAPA7%2BiJIMQVDv1MOCvyniYOSwVzXSRmQLAxvCUXGAFhuQvVBBaNJXAkfWLf3Dl6stoSXE7p%2FFYjEpttDBfDWbmr7WPz%2B%2B%2Bo9m1MFVXCnKaK3kstuAHRgz2UTW4Szf61WKm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84991a24d8b91a86-FRA
expires
Sat, 11 Jan 2025 16:16:34 GMT
13dc9848.svg
s0.2mdn.net/sadbundle/8949344874281304064/images/ Frame 8B43 		669 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8949344874281304064/images/13dc9848.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 06:00:12 GMT
date
Wed, 17 Jan 2024 06:00:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
468982
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
400
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 13:27:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
b5560648.jpg
s0.2mdn.net/sadbundle/8949344874281304064/images/ Frame 8B43 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8949344874281304064/images/b5560648.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2d152ff81d1629309cc5818b166b8727b17dfa973c3ab304d296166dbeda817
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 06:00:06 GMT
date
Wed, 17 Jan 2024 06:00:06 GMT
x-content-type-options
nosniff
age
468988
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16285
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 13:27:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
bf3747c9.jpeg
s0.2mdn.net/sadbundle/8949344874281304064/images/ Frame 8B43 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8949344874281304064/images/bf3747c9.jpeg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98bfefae3e5a5985f992609b18504f8806a876e3cd7faeb28e674e913bc756c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 20 Jan 2025 07:00:07 GMT
date
Sun, 21 Jan 2024 07:00:07 GMT
x-content-type-options
nosniff
age
119787
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17334
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 13:27:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
11e46638.jpeg
s0.2mdn.net/sadbundle/8949344874281304064/images/ Frame 8B43 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8949344874281304064/images/11e46638.jpeg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0fee645e08a99ac0131365b2d3a7ea0384a6b916bf032d0136468e0d9d1a2f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 06:00:06 GMT
date
Wed, 17 Jan 2024 06:00:06 GMT
x-content-type-options
nosniff
age
468988
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22479
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 13:27:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
80b4ed51.svg
s0.2mdn.net/sadbundle/8949344874281304064/images/ Frame 8B43 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8949344874281304064/images/80b4ed51.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3ace36da1509f415d42f3fa17afd85eb755f8082546e029d4ab493b5f1cd5bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 06:00:12 GMT
date
Wed, 17 Jan 2024 06:00:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
468982
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1513
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 13:27:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
b538defa.svg
s0.2mdn.net/sadbundle/8949344874281304064/images/ Frame 8B43 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8949344874281304064/images/b538defa.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c813a18b8cde71a8ca189a487367ae2f00893096d9c246204d0089db4b039e4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 06:00:12 GMT
date
Wed, 17 Jan 2024 06:00:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
468982
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1465
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 13:27:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
31152810.svg
s0.2mdn.net/sadbundle/8949344874281304064/images/ Frame 8B43 		302 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8949344874281304064/images/31152810.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 22:42:38 GMT
date
Wed, 17 Jan 2024 22:42:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
408836
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 13:27:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
a061e6de.png
s0.2mdn.net/sadbundle/8949344874281304064/images/ Frame 8B43 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8949344874281304064/images/a061e6de.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b42a4b951e1debd0ebd175497e9d7e892f9f2b7f64494522347caf30de978a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 06:00:06 GMT
date
Wed, 17 Jan 2024 06:00:06 GMT
x-content-type-options
nosniff
age
468988
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2066
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 13:27:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
8c5da58a.png
s0.2mdn.net/sadbundle/8949344874281304064/images/ Frame 8B43 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8949344874281304064/images/8c5da58a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efcc5e85d4a853e6b9edce22e73c75c33c2a459810dcdf82988fc51eee1cf9a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 06:00:06 GMT
date
Wed, 17 Jan 2024 06:00:06 GMT
x-content-type-options
nosniff
age
468988
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3690
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 13:27:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
c9e290be.png
s0.2mdn.net/sadbundle/8949344874281304064/images/ Frame 8B43 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8949344874281304064/images/c9e290be.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c6bd0e70922a9996b2ad0dddc5053164128a677eb645e56041bbf29b9669eaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 06:00:06 GMT
date
Wed, 17 Jan 2024 06:00:06 GMT
x-content-type-options
nosniff
age
468988
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1637
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 13:27:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
c0cc24ce.png
s0.2mdn.net/sadbundle/8949344874281304064/images/ Frame 8B43 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8949344874281304064/images/c0cc24ce.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0127ca2d8cb02fc6d26d60997ece08759fcd903eaf1d2204bffe904965fc9e20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 06:00:06 GMT
date
Wed, 17 Jan 2024 06:00:06 GMT
x-content-type-options
nosniff
age
468988
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2893
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 13:27:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
28ca2240.png
s0.2mdn.net/sadbundle/8949344874281304064/images/ Frame 8B43 		774 B
802 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8949344874281304064/images/28ca2240.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
404fc6033cbb4f69830fdbea2a5ddb36791b06d6d0ca28a27fd27ec66d47c19d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 06:00:06 GMT
date
Wed, 17 Jan 2024 06:00:06 GMT
x-content-type-options
nosniff
age
468988
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
774
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 13:27:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
ebb6d449.png
s0.2mdn.net/sadbundle/8949344874281304064/images/ Frame 8B43 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8949344874281304064/images/ebb6d449.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2201faf7dc1901c58428a4855b903fa2c161e298c5a8bba997e2e1642619df3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 06:00:06 GMT
date
Wed, 17 Jan 2024 06:00:06 GMT
x-content-type-options
nosniff
age
468988
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 13:27:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
d3ce6798.svg
s0.2mdn.net/sadbundle/8949344874281304064/images/ Frame 8B43 		820 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8949344874281304064/images/d3ce6798.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 20:46:47 GMT
date
Tue, 16 Jan 2024 20:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
502187
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
470
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 13:27:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
1147abdf.svg
s0.2mdn.net/sadbundle/8949344874281304064/images/ Frame 8B43 		769 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8949344874281304064/images/1147abdf.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 20:54:14 GMT
date
Tue, 16 Jan 2024 20:54:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
501740
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
401
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 13:27:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
d6da1564.png
s0.2mdn.net/sadbundle/8949344874281304064/images/ Frame 8B43 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8949344874281304064/images/d6da1564.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f46ecd8fc6cce0501cc56281db3bd8f38ec384bb025ee0acd6ddc44103db9878
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 19:49:30 GMT
date
Tue, 16 Jan 2024 19:49:30 GMT
x-content-type-options
nosniff
age
505624
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2467
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 13:27:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
262f0eaa.png
s0.2mdn.net/sadbundle/8949344874281304064/images/ Frame 8B43 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8949344874281304064/images/262f0eaa.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e11e426fe789060d189826c85f8cf007cc95ff4b73348723e16c90ab9797b28a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 17 Jan 2025 15:27:52 GMT
date
Thu, 18 Jan 2024 15:27:52 GMT
x-content-type-options
nosniff
age
348522
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4129
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 13:27:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
d0c8bb88.png
s0.2mdn.net/sadbundle/8949344874281304064/images/ Frame 8B43 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8949344874281304064/images/d0c8bb88.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
183ccec5677be65f03127c16d3b2e7e50987a0c4eaf110ac183c9d35d00744d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 20:46:44 GMT
date
Tue, 16 Jan 2024 20:46:44 GMT
x-content-type-options
nosniff
age
502190
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11774
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 13:27:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
4981bcb9.png
s0.2mdn.net/sadbundle/8949344874281304064/images/ Frame 8B43 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8949344874281304064/images/4981bcb9.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43939b89186b244eeefdd0dbb39c9562b4603d307b5274a4df9132e73949401c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 17:53:00 GMT
date
Tue, 16 Jan 2024 17:53:00 GMT
x-content-type-options
nosniff
age
512614
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31612
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 13:27:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
0f373144.png
s0.2mdn.net/sadbundle/8949344874281304064/images/ Frame 8B43 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8949344874281304064/images/0f373144.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 06:00:06 GMT
date
Wed, 17 Jan 2024 06:00:06 GMT
x-content-type-options
nosniff
age
468988
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1308
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 13:27:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
c8840ccb.png
s0.2mdn.net/sadbundle/8949344874281304064/images/ Frame 8B43 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8949344874281304064/images/c8840ccb.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8949344874281304064/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 20:51:17 GMT
date
Tue, 16 Jan 2024 20:51:17 GMT
x-content-type-options
nosniff
age
501917
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3020
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 13:27:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
AGSKWxVU8N8jcpHooMKqCaaXYpR2iSvKS8qUH5NAQQ8oqZ5DVgD1MOxAKl7djiAJXtXd42BENyxgCK4qg6L54rxAM0idyktTykMg3FUf5Lye00l1Fr8QzIpvHgc_lyEilk_Luu0qd7a35A==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVU8N8jcpHooMKqCaaXYpR2iSvKS8qUH5NAQQ8oqZ5DVgD1MOxAKl7djiAJXtXd42BENyxgCK4qg6L54rxAM0idyktTykMg3FUf5Lye00l1Fr8QzIpvHgc_lyEilk_Luu0qd7a35A==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.khJvDeFsmbQ.es5.O/am=wA/d=1/rs=AJlcJMwJ9BA3wRA87nRKq-wcXLDPRM5jiw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sM5KVzFmiUoDub-zIkgV4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
content-security-policy
script-src 'report-sample' 'nonce-sM5KVzFmiUoDub-zIkgV4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://colunadofla.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame EBAE 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?uUioTw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
b
b.t.tailtarget.com/ 		136 B
547 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/b?tA=TT-11382-4&tY=1&tS=3&tU=0100007FE194AE659706297502F8025D&tX=b.52&tZ=473194106&env=_ttq_tteurekaads
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
ca730f149b7308e02af38b71c23a22868905e4f7a66dc4eeaad9e3b7c8f589ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
b
b.t.tailtarget.com/ 		92 B
510 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/b?tA=TT-9964-3&tY=1&tS=3&tU=0100007FE194AE65B3066F1D02635A07&tX=b.52&tZ=966365895
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
ee5b69862ff709e871144188e68437b26b84c8a2e27c65d73a42bc1c893bcc9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:43 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2FE0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B8x2G4ZSuZd2iEbax7_UPqt6lsAUAAAAAOAHgBAI&bg=!iomlicbNAAa8BdJLnAU7ADQBe5WfODtO6_i9TJdiNOh9MgVCoXkGTr8fRWbtk2vqzX8lp_Dq_x4knoFjdzMvaYj5Y1T7AgAAAGFSAAAAAWgBBwoAJnxhUBZLJFt8OwowssmYqaBJiTTvXg5tIl_4FrtkZZVd1PDBq2MMmQL6RIset9TDnzWp1HJPggRNgKAMRCbBi4JHfd9YgBjRD3H49CR639kY-YX4MucTA5ObvJPNS7ulPda6B4rvSwJglUKmKXpMVwVvSWONieKzMjObatAmjQK7jO8CQfOqPR2MPJdu_RfXT9mg8wCdwMXE7c14yfEeSFCUkIAJEH45Tb4Wn9f2KHi7slr9ivxPVSkTnVW7r53PNFeVk6cffKgXWH-7ZmciJZgjx_uzUJag0aFw8EeA-F8PUmtvnCOZ6NK26SlvuFcU4wCDt-rcOq6rVO2xyT3x5VQFORadXp64GKmlNIBTYmmM96rmhWOEtX-I59KxNUqieMjr-FwFMco9_Nm72kBMGuYmZKZWkDYtBPQ5pcadybmoUSZtMytZ2U5E75Aq0yVraJeSrApjKSLL3uhfZ0skgYEbhUEqKfFt95dLb8ImUAKf17yce5zUCRCnvw9HhzfKC1ggQqTGqoHwEvF19e7Hfto-cJ6rGnqg91EAN3-A8oNZ51g85F4OCVFTLLkpZAhIVYOBMCAfUIrFM9t2RUZCHZu-9Jrr44CBAbpLW3cDBonFCa58Hn7LfWri-K0WT6hFMFrmOOFvDZkw4rWe5O_i3lMmP8FxFzFIs9qWKle-WdrcaBBXqVp9q6uePt7mZ1-6EJZYWVnhC22kO5rjbjNHIWzAd-Z2lBtCARcilYctJwTDubjg78LKlFSbHkkXaGEg5qep3Y7mCiudGQzebR5SpMBv-N4YBMAPudbJSDW8H5aH91T6pfwGsomASkILmwjEp_ktK5xBqMer6GRLoWGv4mB_uBcYFfLDIxaIiFnSqiZjr31SZPDPlvSApsJ28I7na9uqEHxH8d2-W4EEPcpw9qi0YrUcF5h83-fGhvYUx5nW73yxWaH1PaRuqCZwd_sUx8BW230bpRtlKL3RcUQho7TLW9EVphlzu59aUkkJQvBg-FYVLFO8DW6Je7J93gt8paQZQJ8wHYfVLUQpPaqujyGMrLNrkQHWhkot0X-MOvJ20EsM
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
ad.doubleclick.net/pcs/ Frame 4C61 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvLrSSL-EC3OElU1-hNAnSaXYkXAB71LJd7mmU3OXJpLofa5yyJrLgZQJQUsW2UGUSfI_weHAJ5QhQ32BzEa2we51TFOC_V8tX_r6qRMXVVQDBwqAOdcvG8Tbtd2DOR6QYAbADzzTpP7NViLxxEzSHe9Y915eJDgIHH2k-omhoYtHGcsX7jLenbPPiTxZXVN2b14Wnfwm2z2yQblxK4YT8DmcilhxE-KR1qf27HE5tzi-xsbCK36fQ0R_2BnLaeXHRemQ4Q_69d4GtjeHkVohtnRguZeF-r1LRGYoWxxLLPkC0Sy-qRetqPHoF0dNCqdIqckSMfTeY8eWwGKatkpsWO5gx4D-aBBuSOh84okvZWPjtg447pQbEckr_cyzokBmkNtaCzAVWs8CGNrHg6YZaEpjrzQBVGwWxxHNysBQeCmIh05LcH17nmxVvBtiddqMqJ98QcJRdZvkTj8FtRTc5gRmHrFqlGQq5jSGb_s0MzyMZIUrO0uuRiOSMIEZaC1b4PjxWNy3CD2HoHj8d9nDU5BVyLp6eVJPmcVD_WpwZEXCa2WT1wC8k9pK_8fm7Lr6xlKO-1pBodWAuoH2tHYvHcNa0VhBQTazS9aFSbUqDl7afy8kgoGuxque8-dnhx9o6F2CcloMjf88SZZBSBNfORQBa2UkduntIs0TtA_YNOcUnBhdkFx_9y02n9gDOQ81i9lQLyq3P7tEgmMWlYfC3v3Z5bX6WuNX5HyII7zJGd65cpvrO2fVfHBmI57BSkc07Q5MANKL5CAIWPEcRK3xGiqnbZkBPvUHazgPJgCPF3owb7atmJb_AvJXg68E0Q0tlxd790_xuNaGlo0Zr7TMky1GlzeF14qQQDaMRB1-r1Lw8b84lt2hNorQE7qhccn7eqTz6Yqb5bbqD5CdeiqKY4MXqcqZknRrZJDV9JawXqKYf0IgR4wPnsccW91cBHGS6MYa0GnYMlKoN1z4b3BUDBGdlYVB65PZHbp38v0SVdT9lfrOP9hs2tuvGuTJe_SingZqO66xSOUJv3h8gcHUwRu1XgqrDyKnOUNCqc7QjgBoe3cMVXzhrONlRpLW354DK7auYoX3OQ6_D8-uT_hF8udkmJrKD9a81WsgK1LVsYGVMKgBrwCMp676ojKornXRLCQ9GyF7VeXgXT6TJVe-_NhG5_4WqJr8XM5BPOIyp0AD_m0nN0LE9qVK6Pk0EVUji-eS2dfF075iiRYM05_Z8ecWDtzdHy6sf2KbXtBT7ZsRAAhIb5cOE8LBgvNDACg9U7AFDWMDLLZOURPkdOaT9y5COFNHHz2KskNVGALEf7xDBvSYBmUkxfL7MptFWIs8_LWiBA5BGRdpxXFEWbeelEvphxCBbYtv3xLTE8jzFZBoiT6gb9g9yB33Y5lu-9kJELO-t0nbkXm2h7bSkYRirA5WYuqo2HbE18RLfN9RHxgw1tkypoIrjHul2J-UpuJZPVd6DxyhognsocGg&sai=AMfl-YRMDaT0Y_gAPjLlwXRZ64HQe-3tinr8Z5H9woum_Rx6dFK6pqeGzGat95ZZNME8sYcRCr5tHikGNQjr0c-P7FB_x8qt3gTn4FI8yqrt0foQjigTDU9QZJ1nBOUdabP6zl4oSoEbfam4jvD_8VRGuPvov6IbrfEg1nyVke8-eKOxr-qVUccelv3HAHvSOxYrEdzRL0DkF_PRPWTIsQVbFUyHit5YrENApJP4o9GgfU3jqVx-LAT538beiJQq9T81S6BTac9fNpPFx0YIen65mB4moY8sjAk8lJg9woeobSS1p5gE5iXCYQ-YWJ5Fr3XPhFwBlEU9EC9yVmwqWVn5r2njD4rAUamBVVIINZJCV5CH3kfZW9x8b_sYJ2t72VHSGylbjB6t3AE7uLEFxJBzuNsGg9lCLgCu5Oc9bV0Ztyzukprc48TF72IqV6MXoUK37HycafaK9VVgS3fQPrrJ2soyY4ZUs7txnjyJYRJqTXE4tnTO8Xlwh0hp1BrJZgCbbXhY6LY&sig=Cg0ArKJSzFIDrxZidqIKEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=299&vt=11&dtpt=196&dett=3&cstd=102&cisv=r20240118.86453&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
collect
t.clarity.ms/ 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://colunadofla.com
Date
Mon, 22 Jan 2024 16:16:34 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
container.html
48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E7D8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://colunadofla.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:16:33 GMT
expires
Tue, 21 Jan 2025 16:16:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
160-3c6e1570
api.attentionxyz.com/api/tag/config/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.attentionxyz.com/api/tag/config/160-3c6e1570
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.222.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.222.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
amt-event
Access-Control-Request-Method
GET
Origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
amt-event
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 22 Jan 2024 16:16:34 GMT
vary
Origin, Access-Control-Request-Headers
via
1.1 google
160-3c6e1570
api.attentionxyz.com/api/tag/config/ Frame 4C61 		110 B
216 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.attentionxyz.com/api/tag/config/160-3c6e1570
Requested by
Host: attentionxyz.com
URL: https://attentionxyz.com/160-3c6e1570/amt.js?tagLabel=Dept_Agency_cm360&attrAdvertiser=11822513&attrCampaign=31208750&attrSite=7847497&attrPlacement=385568821&attrCreative=208026589&attrAd=576600420&attr1=%edclid!&attr2=j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.222.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.222.117.34.bc.googleusercontent.com
Software
/
Resource Hash
9ed20db9dee571acb44c9bac65e974a4039edee8fbc70176d958bb3fbf685c30

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Amt-Event
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJhbXQtcHJvZCJ9.8dotrQPk6rXdTZUfYiTmmCx3BKBZ0ngS9huOY_9Rk9s
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
via
1.1 google
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
cache-control
max-age=14400, s-maxage=43200
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5F1D 		624 B
391 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPSu1YACMAE&v=APEucNW10CsB7QH798PUaD3kSWAw1_nBZg6soVSIhsscEfUI8e1vVcItBWybvRrokhjRoAgkLijJhDN_FBlOuImOWbcN7bIvBzJxTqyBpbhGPNBTeNFAc9QSn6cKRY_cF7sy-2R6UnZ_Yoo07WoS4NOT8hfOsruoK-hmYLvaJu3yE7xSSpbE2SjzBCOMB6U19Tka1LW9pROhUfRhiNRgYUQHfX9GkGmBqw
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:16:34 GMT
expires
Mon, 22 Jan 2024 16:16:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E7D8 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 22 Jan 2024 16:16:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E7D8 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A48K5WqpEtlevf6Wzeq8K2oJZig__QIslUPKVZLRR18pmE-B6ITWRI3cWy8p41if75dJJCMMVq_hcu0XEFVR-LD9xmsgB81ia0RGvzOx8KAjVln2g
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame E7D8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 09:41:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
23709
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 09:41:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame E7D8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:29:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
78437
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:29:17 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E7D8 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 16:16:34 GMT
rum
dsum-sec.casalemedia.com/ Frame 5F1D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPSu1YACMAE&v=APEucNW10CsB7QH798PUaD3kSWAw1_nBZg6soVSIhsscEfUI8e1vVcItBWybvRrokhjRoAgkLijJhDN_FBlOuImOWbcN7bIvBzJxTqyBpbhGPNBTeNFAc9QSn6cKRY_cF7sy-2R6UnZ_Yoo07WoS4NOT8hfOsruoK-hmYLvaJu3yE7xSSpbE2SjzBCOMB6U19Tka1LW9pROhUfRhiNRgYUQHfX9GkGmBqw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svFLwNRM7rZBJrWQykWD%2FqhZajPnYqg8xd22Y4E7hujXyWLLf4124WAftj9WSCW5SDyIiyN5z2TFbGsVhaUDHlowoUkW1yENmpFOn%2Fw6DhdXAQ6LZDr4lqZ0St6i%2BIF%2Bsvt%2F9dtiGYMfpA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84991a261d172671-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5F1D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za6U4ZN7oIWYpN0MSEQ1kAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPSu1YACMAE&v=APEucNW10CsB7QH798PUaD3kSWAw1_nBZg6soVSIhsscEfUI8e1vVcItBWybvRrokhjRoAgkLijJhDN_FBlOuImOWbcN7bIvBzJxTqyBpbhGPNBTeNFAc9QSn6cKRY_cF7sy-2R6UnZ_Yoo07WoS4NOT8hfOsruoK-hmYLvaJu3yE7xSSpbE2SjzBCOMB6U19Tka1LW9pROhUfRhiNRgYUQHfX9GkGmBqw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHuorIDdy%2FpSh3UxizEY0lKD4ZYHle3mabXoLi6Zy%2FOMVh8ahnTDdMyuSTupsWsy28V32hZjCAfjq1AieT0dUaecvWJhFqkMMNphjCEaWn1WoQ7DX54Jm057nX13DwMjTcBqhfndGNorrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84991a267dc62671-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5F1D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIcvZB41U-A7JknQjC4Xb7M&google_cver=1
43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIcvZB41U-A7JknQjC4Xb7M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPSu1YACMAE&v=APEucNW10CsB7QH798PUaD3kSWAw1_nBZg6soVSIhsscEfUI8e1vVcItBWybvRrokhjRoAgkLijJhDN_FBlOuImOWbcN7bIvBzJxTqyBpbhGPNBTeNFAc9QSn6cKRY_cF7sy-2R6UnZ_Yoo07WoS4NOT8hfOsruoK-hmYLvaJu3yE7xSSpbE2SjzBCOMB6U19Tka1LW9pROhUfRhiNRgYUQHfX9GkGmBqw
Protocol
H2
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
an-x-request-uuid
bc1786ea-9d21-43b1-94e5-1be359d2ec78
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.215.131; 217.114.215.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIcvZB41U-A7JknQjC4Xb7M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5F1D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2NDE4MTQ3NDcxMjczOTk0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2NDE4MTQ3NDcxMjczOTk0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPSu1YACMAE&v=APEucNW10CsB7QH798PUaD3kSWAw1_nBZg6soVSIhsscEfUI8e1vVcItBWybvRrokhjRoAgkLijJhDN_FBlOuImOWbcN7bIvBzJxTqyBpbhGPNBTeNFAc9QSn6cKRY_cF7sy-2R6UnZ_Yoo07WoS4NOT8hfOsruoK-hmYLvaJu3yE7xSSpbE2SjzBCOMB6U19Tka1LW9pROhUfRhiNRgYUQHfX9GkGmBqw
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
an-x-request-uuid
85ae754e-e72b-45c0-b49c-91c0546167f9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2NDE4MTQ3NDcxMjczOTk0
x-proxy-origin
217.114.215.131; 217.114.215.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E7D8 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7607142219100&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E7D8 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7607142219100&version=m202309260101&ct=76&x=1&cor=797242510757915000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E7D8 		111 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXuBojHWKkDGKnrwTmUrTAb6dUDk4wjgZCFq1VahxKn_JaCxYCEscKJjt0nuP-9xZ3Dfi6qd6iO8UMzK05ydxA-0M61sr3uAa0ihcdoFIbpQ7PI7brD04erJVd3gYQ8BRdRjV-cqfOzRjozmc95xZ9oyRAYLWV-D9WPKcT_a_FredkRdM&dbm_d=AKAmf-CGEcR_4cXRzBwB1RvdeodM4yW2b0DKBbXEeyZhlZtQdJtP-qq0h2REFSMh6AadFp2tVMxI2EFTi4E80DO5yU4qmcMir42hfAdyF9B4YLwdfnnf-fJaX06P3vFIs6HWhzYQqCTBZJ2lOUrm8zsTcrrRgVXJxaYMEbRCO-qYd8cq3BnD1CXB1TYqf7GURTDMYt38HTcbuqdP0SCn7K8QSsuNpga8iVOedVX2BjiCPxbWRDhBhRJ1OJTCRtidB_mZSBYPMNg99hCB6rn8WuXnyNz5et8MbgcxY_lu-mzYw5K6n46_wp6Op612xTs5emZU1vaJ1Ah3onbs7w1VX4NHIesi52YV0mQR1siCnjdg5LLNYU0zRkezj_U-mUaBo1vBRfQMpnNJ4sldNtjBHNoAu_Cw7ujNcYtS-NJOJEB3XXNSXgvcHT1BpbKFbSz8WYEKrwsEMVjoUvUKCOXWZGXDqE-XaCuVzV4BiROtYGl58mrgm4oqHFDdhW9O4TIH0XksHYR1PglB9u--yFpJlDi2sEASr_zps6dav_URQzQlXuQ20FYN_W2t6HSui2l13HIyKVMPZNOACFyXLx8tBwnKUYgG3J6KJzJs63dRkcgRpLGahingEp9um9hqFeMn0AtPazakC_CcFvLVpoGIxnNcETNMQz35t3qfeDZwdizTG_fSYpD1nFNEVqCRBsU8bgz8EPd8MfJxn6c3eIMLhLtexbMdrjo6kTM6t0AYK_VzZMqghtVtON-711O0ee6kraQCAUCXJlZ7cDbdP8X5qXYGcOexu1Bvtim397ECzZQl4SpKGDT7dpAOj744F34fCWKEGBrJYnxUIXjyuLT0Wh0Efdo0HhHjSa3s4YWxNVSd2KM4AD4ReY54_339ZwtOvEIE1D4gxqVweO-eKBtqZwlE4cbXUtL9Mle5WV5U-x-WzyFFQ7WgWC4tmV5Nm7H0O-neHZJKQRBcntz63Sxu-Xsp_j0FOY4FHmMjkX-p76Uqgg8tkPhRTCJ1G6eeFYNbfmnrFmdhKWIwQxPmbZbR8EcsiHam3aO1DStLobMfKXLE50rrGjOR6xDqaDedg5nyyeW4inuzwV1CC_yLpGE4c_8NUazBmp3OWPhScNf_VDT9wk2RzWlU0_ow4d9MGVOWy0kqaeYsPY6sMwm_96m-ALIt5nVd5CEtztvzTXxw51DUlqXSTKYcMAnFukk4cp1ew2buBZsk592Ya6LSZq2qFPMyJhblN9sh4doDysNv8umVrpSiaPYlsv2DVVP1tEubVdaiYoDHDurUhSJ-AJw5QKrWrXtDOAD_co-xP61vLV1WIlS-B7ww2sBZrEPccZaEf0yvBl55JwRyAFrF9Ip57YYgA7IMiwq426L1SKc8wZFrEfWMk4yozJ113_yabc1LGYAedwcEO7YqLcq8YdylXJnn5PKW5h6kqqY8d6S_vM-jSlngjSnusSfiuqQvXpat-GIj0PdN210UmYF-8ZaBrTH5stGjQ6ezvX9kDoOvdgDtKjj-F45LRxQLDnw6dqAyQwXmC9jZ_aCb1iyVD9V2ebTdTjJsBHT5JivTtv2zP-z93epStYKSJ5SBUnqz8OzJ-IXAnVNIj3s87KwW-cMgvlAwMp1yLcN8ddCVv5VhbLWPYFMtERCiBj7-4aLoHfFBw37nfFe0gSAbh20TT9M1GnZK5ETBmCE9RCuSrfMyA6DGfd4B-cQT_mEh8mMh70HlJ9y4emupHMHF-O-Tcm8ef_qBwP3-1p3PiY-dhQ5Kr9xvrRE13YOUlys_sxzDVp_36n-K4ZaIr1A-9_8PV0LbCUnTAMaODIGSVzjNG45XHQYAsQxZbhH45E-_qAeHhPN9r6oF-CTGaGd6FkJ0hm-tFszU3afqRtKZK-8rKRhkhYlHQLDXvjmYkVwV1wZTnCIRvqOm-VXAcsAWb6iCyHrha2jMLp1Y_uumiIBWDS83PzFkjrf2DGYMr90SYkv5Rvqi2EtnI-sjT9UE6HYf6OZGbOuhGaA9R--SqrobC29yxO5g_aTs08KdBAubQGKTqDgFG9g7EpjShhS51u7TDEk9f2ublOPF-7-tC8TC3goMdPeH4C3YFno4-cozyqfdFg8DJamAp8EcWgDjlbyNwWoiLoQOrNOWjXWYkjFORI5mQL9mg4KoRm0UTO3CXw0L_PBMMjEqfM8QepngX3epdyXZTWCkgoByB7KmmX2Gydg-SsTeZlcSTVZqjGtMPIqEcXH1oeJemAnsetX4wbz9hEWnqfXcdbUx61hUrC1TNd65yiMES1gV-L8gw-sfHHP9e14W5KFPbfkrK-I90GvzazItoyqin52JvgK8uxUCeeuRxUx7JtlvRW4oQQshdecJBL9PbzuGrkb-Za6ltWfMNk6yn5-nUQvD8qUANXEygrQ7B7yZQ0PGRrrZut6WBcwwhycv8uZ2eHWJ3UynfhUJccXQbPUmN-jE3_tqgWgATxhSw9dOR6sI5diQ8-S5ktXSKO-9pcHvYBrIyr52Gxw1dYUfcmV1t6z7CU4DguKoINf2OyT_kNf_7GTn9PrflCr_yiA0vTQ4J98DvSthgbSA3swSPpzBgXG_fuarlLvGk51hdePWmMFaXyBcS0wCfZ9zZ3o0a8H75cV6LvXbZwucks0gBVICVRr46vRORppK3ssu5nUgGvwADhyD45BjRL_Vte-Z9kTCKvru5zsfP3uidVNzzT8ApCBNVd1lPlybAKsX7wfWxgj8vNQcQRxTj7lkNHdgt95qHPStzy_OPnTJ5JZlYjar1QUmzwaqqNtKBw7ocbst8dtNlpBf40vi-6LF2YsciJnLNVJXWEkYkqgpLwafdH0_OnLsMEo8tVakkgA7NweiBw2_nyCOPEqZtU6QMPSysLkNbN9cEQ3SCHRTSonnYVty0OgXtOtjGsRfX_Xno21Rp1gdYrh-Sn1UF8Pq8KevVXLix4LOtkSTPsxlk6qh6dFR7YvYfgjdEEEm8p3Ti0pk_8mKuPYhPmrphSDi5vIVOWBsxNX2uZTm7Hgxk63rA8eL_bzDSfVfYghJGCvVZfPGz8O1Uvme7SmEmKE611kq2czFYGAX1xax9nQ_HwClIzGLxOgmvXg5jEQKbUndZRPpuP7s7Y0OlPvhd8r1iMVoY4PvIlNGnmc090GgO6W2X8ku9n5RM1DjUbqjmW5oisVt8_EL9r07fqQywQHICR-1NSns9TNI_cjotjBKD4MbG-Vza4Rt0jlh7XEJNXqco3w3PO7lIbN-VYaEUvoLknvkmJwCQ23zbEY96VqJWQKrijuJ5nxeAu_6orLs7JI6SoqMCcMWSz56OOuwy6ZAeWfIOPAr9x3Fy08Lk6Wnzivb3vUD2Jn2bpV9AdYWsOFITjXrAmsnTmo12px08KAnoP1vmW8ub6ZTjAFGNiBtej5Mk5NiG9UIH1D9T4Rrkuf7DjKxoNcsyyRk9pwnOBP3xvZq_Q7QH2DwA8MyWEQlAhYQtJrKBXru8glQ5Z5PQEzhukcdc3F-KHmTlz0Nl2khHRpNTs9pupmjn7ZlNpQMRZjdPaeyzDism3AwPqP0b7D34xjUp94aYFKhNzC9UvA_dtvc1vm4KxP7ATJh7GdKVYQVwC_pArwfk1zZEd9TLtKYZC80EKoHTyaOBme4cWOhGB37PPzzL2RbxGcu8L8gRbq4C6qu5pGBsQps5qNjp-8SGA7dJsiHTqlmE7Rgl0aLeCR9g-afSzfPzsDHlk59_2RaBz7vM8rjNGyRqMCYAcp9gCNGFMB29QcT-Lzn47KqRvBc-EahWktCAQheLzaVBDTy7zNWgnHSt1cSVw6z8Ck_fm1BQ1I9yib5iC13Cdq6E4aaXGe9-fCCWpDEi5DgdH13RUOj6CCllOeP1Qt09xA7yKAP1WOh67zMvR0&cid=CAQSTgAvHhf_wQ1tnkIdcqV20niKk2ZenpkbTyY5Ul6coDZ6WVPQDs6eW3gqNZ6bWhXvtnGcivQiuIhRGPH6H4H97gQK5qkSJ2hqsZfX1RIaxBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcolunadofla.com%2F&ds=l&xdt=1&iif=1&cor=797242510757915000&adk=3944675603&idt=104&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4bbd7300e889d424cd0f3e8b57ead3910523c901da91a3368c37c4b19156e371
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42893
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca
tt-11382-4.seg.t.tailtarget.com/ 		83 B
335 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-11382-4.seg.t.tailtarget.com/ca?tZ=951616657&env=_ttq_tteurekaads
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
a8cb46c35bbff9b025efae81ad117510cccedc5df75e417696109f381472b673

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
skeleton.js
fw.adsafeprotected.com/rjss/st/1874223/77019481/ Frame E7D8 		270 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1874223/77019481/skeleton.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-8170966538152543&ias_chanId=1&ias_placementId=20839934288&bidurl=https://colunadofla.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jcRkIUqPk6oUO8UzGAB1FY
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.100.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-100-143.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ad6c79ffad86b1b363fbe442f80653301568855a475130d9908b0c8a5f7b16a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame E7D8 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 21:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66735
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 Jan 2024 21:44:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame E7D8 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXuBojHWKkDGKnrwTmUrTAb6dUDk4wjgZCFq1VahxKn_JaCxYCEscKJjt0nuP-9xZ3Dfi6qd6iO8UMzK05ydxA-0M61sr3uAa0ihcdoFIbpQ7PI7brD04erJVd3gYQ8BRdRjV-cqfOzRjozmc95xZ9oyRAYLWV-D9WPKcT_a_FredkRdM&dbm_d=AKAmf-CGEcR_4cXRzBwB1RvdeodM4yW2b0DKBbXEeyZhlZtQdJtP-qq0h2REFSMh6AadFp2tVMxI2EFTi4E80DO5yU4qmcMir42hfAdyF9B4YLwdfnnf-fJaX06P3vFIs6HWhzYQqCTBZJ2lOUrm8zsTcrrRgVXJxaYMEbRCO-qYd8cq3BnD1CXB1TYqf7GURTDMYt38HTcbuqdP0SCn7K8QSsuNpga8iVOedVX2BjiCPxbWRDhBhRJ1OJTCRtidB_mZSBYPMNg99hCB6rn8WuXnyNz5et8MbgcxY_lu-mzYw5K6n46_wp6Op612xTs5emZU1vaJ1Ah3onbs7w1VX4NHIesi52YV0mQR1siCnjdg5LLNYU0zRkezj_U-mUaBo1vBRfQMpnNJ4sldNtjBHNoAu_Cw7ujNcYtS-NJOJEB3XXNSXgvcHT1BpbKFbSz8WYEKrwsEMVjoUvUKCOXWZGXDqE-XaCuVzV4BiROtYGl58mrgm4oqHFDdhW9O4TIH0XksHYR1PglB9u--yFpJlDi2sEASr_zps6dav_URQzQlXuQ20FYN_W2t6HSui2l13HIyKVMPZNOACFyXLx8tBwnKUYgG3J6KJzJs63dRkcgRpLGahingEp9um9hqFeMn0AtPazakC_CcFvLVpoGIxnNcETNMQz35t3qfeDZwdizTG_fSYpD1nFNEVqCRBsU8bgz8EPd8MfJxn6c3eIMLhLtexbMdrjo6kTM6t0AYK_VzZMqghtVtON-711O0ee6kraQCAUCXJlZ7cDbdP8X5qXYGcOexu1Bvtim397ECzZQl4SpKGDT7dpAOj744F34fCWKEGBrJYnxUIXjyuLT0Wh0Efdo0HhHjSa3s4YWxNVSd2KM4AD4ReY54_339ZwtOvEIE1D4gxqVweO-eKBtqZwlE4cbXUtL9Mle5WV5U-x-WzyFFQ7WgWC4tmV5Nm7H0O-neHZJKQRBcntz63Sxu-Xsp_j0FOY4FHmMjkX-p76Uqgg8tkPhRTCJ1G6eeFYNbfmnrFmdhKWIwQxPmbZbR8EcsiHam3aO1DStLobMfKXLE50rrGjOR6xDqaDedg5nyyeW4inuzwV1CC_yLpGE4c_8NUazBmp3OWPhScNf_VDT9wk2RzWlU0_ow4d9MGVOWy0kqaeYsPY6sMwm_96m-ALIt5nVd5CEtztvzTXxw51DUlqXSTKYcMAnFukk4cp1ew2buBZsk592Ya6LSZq2qFPMyJhblN9sh4doDysNv8umVrpSiaPYlsv2DVVP1tEubVdaiYoDHDurUhSJ-AJw5QKrWrXtDOAD_co-xP61vLV1WIlS-B7ww2sBZrEPccZaEf0yvBl55JwRyAFrF9Ip57YYgA7IMiwq426L1SKc8wZFrEfWMk4yozJ113_yabc1LGYAedwcEO7YqLcq8YdylXJnn5PKW5h6kqqY8d6S_vM-jSlngjSnusSfiuqQvXpat-GIj0PdN210UmYF-8ZaBrTH5stGjQ6ezvX9kDoOvdgDtKjj-F45LRxQLDnw6dqAyQwXmC9jZ_aCb1iyVD9V2ebTdTjJsBHT5JivTtv2zP-z93epStYKSJ5SBUnqz8OzJ-IXAnVNIj3s87KwW-cMgvlAwMp1yLcN8ddCVv5VhbLWPYFMtERCiBj7-4aLoHfFBw37nfFe0gSAbh20TT9M1GnZK5ETBmCE9RCuSrfMyA6DGfd4B-cQT_mEh8mMh70HlJ9y4emupHMHF-O-Tcm8ef_qBwP3-1p3PiY-dhQ5Kr9xvrRE13YOUlys_sxzDVp_36n-K4ZaIr1A-9_8PV0LbCUnTAMaODIGSVzjNG45XHQYAsQxZbhH45E-_qAeHhPN9r6oF-CTGaGd6FkJ0hm-tFszU3afqRtKZK-8rKRhkhYlHQLDXvjmYkVwV1wZTnCIRvqOm-VXAcsAWb6iCyHrha2jMLp1Y_uumiIBWDS83PzFkjrf2DGYMr90SYkv5Rvqi2EtnI-sjT9UE6HYf6OZGbOuhGaA9R--SqrobC29yxO5g_aTs08KdBAubQGKTqDgFG9g7EpjShhS51u7TDEk9f2ublOPF-7-tC8TC3goMdPeH4C3YFno4-cozyqfdFg8DJamAp8EcWgDjlbyNwWoiLoQOrNOWjXWYkjFORI5mQL9mg4KoRm0UTO3CXw0L_PBMMjEqfM8QepngX3epdyXZTWCkgoByB7KmmX2Gydg-SsTeZlcSTVZqjGtMPIqEcXH1oeJemAnsetX4wbz9hEWnqfXcdbUx61hUrC1TNd65yiMES1gV-L8gw-sfHHP9e14W5KFPbfkrK-I90GvzazItoyqin52JvgK8uxUCeeuRxUx7JtlvRW4oQQshdecJBL9PbzuGrkb-Za6ltWfMNk6yn5-nUQvD8qUANXEygrQ7B7yZQ0PGRrrZut6WBcwwhycv8uZ2eHWJ3UynfhUJccXQbPUmN-jE3_tqgWgATxhSw9dOR6sI5diQ8-S5ktXSKO-9pcHvYBrIyr52Gxw1dYUfcmV1t6z7CU4DguKoINf2OyT_kNf_7GTn9PrflCr_yiA0vTQ4J98DvSthgbSA3swSPpzBgXG_fuarlLvGk51hdePWmMFaXyBcS0wCfZ9zZ3o0a8H75cV6LvXbZwucks0gBVICVRr46vRORppK3ssu5nUgGvwADhyD45BjRL_Vte-Z9kTCKvru5zsfP3uidVNzzT8ApCBNVd1lPlybAKsX7wfWxgj8vNQcQRxTj7lkNHdgt95qHPStzy_OPnTJ5JZlYjar1QUmzwaqqNtKBw7ocbst8dtNlpBf40vi-6LF2YsciJnLNVJXWEkYkqgpLwafdH0_OnLsMEo8tVakkgA7NweiBw2_nyCOPEqZtU6QMPSysLkNbN9cEQ3SCHRTSonnYVty0OgXtOtjGsRfX_Xno21Rp1gdYrh-Sn1UF8Pq8KevVXLix4LOtkSTPsxlk6qh6dFR7YvYfgjdEEEm8p3Ti0pk_8mKuPYhPmrphSDi5vIVOWBsxNX2uZTm7Hgxk63rA8eL_bzDSfVfYghJGCvVZfPGz8O1Uvme7SmEmKE611kq2czFYGAX1xax9nQ_HwClIzGLxOgmvXg5jEQKbUndZRPpuP7s7Y0OlPvhd8r1iMVoY4PvIlNGnmc090GgO6W2X8ku9n5RM1DjUbqjmW5oisVt8_EL9r07fqQywQHICR-1NSns9TNI_cjotjBKD4MbG-Vza4Rt0jlh7XEJNXqco3w3PO7lIbN-VYaEUvoLknvkmJwCQ23zbEY96VqJWQKrijuJ5nxeAu_6orLs7JI6SoqMCcMWSz56OOuwy6ZAeWfIOPAr9x3Fy08Lk6Wnzivb3vUD2Jn2bpV9AdYWsOFITjXrAmsnTmo12px08KAnoP1vmW8ub6ZTjAFGNiBtej5Mk5NiG9UIH1D9T4Rrkuf7DjKxoNcsyyRk9pwnOBP3xvZq_Q7QH2DwA8MyWEQlAhYQtJrKBXru8glQ5Z5PQEzhukcdc3F-KHmTlz0Nl2khHRpNTs9pupmjn7ZlNpQMRZjdPaeyzDism3AwPqP0b7D34xjUp94aYFKhNzC9UvA_dtvc1vm4KxP7ATJh7GdKVYQVwC_pArwfk1zZEd9TLtKYZC80EKoHTyaOBme4cWOhGB37PPzzL2RbxGcu8L8gRbq4C6qu5pGBsQps5qNjp-8SGA7dJsiHTqlmE7Rgl0aLeCR9g-afSzfPzsDHlk59_2RaBz7vM8rjNGyRqMCYAcp9gCNGFMB29QcT-Lzn47KqRvBc-EahWktCAQheLzaVBDTy7zNWgnHSt1cSVw6z8Ck_fm1BQ1I9yib5iC13Cdq6E4aaXGe9-fCCWpDEi5DgdH13RUOj6CCllOeP1Qt09xA7yKAP1WOh67zMvR0&cid=CAQSTgAvHhf_wQ1tnkIdcqV20niKk2ZenpkbTyY5Ul6coDZ6WVPQDs6eW3gqNZ6bWhXvtnGcivQiuIhRGPH6H4H97gQK5qkSJ2hqsZfX1RIaxBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcolunadofla.com%2F&ds=l&xdt=1&iif=1&cor=797242510757915000&adk=3944675603&idt=104&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
78385
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:30:09 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame E7D8 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXuBojHWKkDGKnrwTmUrTAb6dUDk4wjgZCFq1VahxKn_JaCxYCEscKJjt0nuP-9xZ3Dfi6qd6iO8UMzK05ydxA-0M61sr3uAa0ihcdoFIbpQ7PI7brD04erJVd3gYQ8BRdRjV-cqfOzRjozmc95xZ9oyRAYLWV-D9WPKcT_a_FredkRdM&dbm_d=AKAmf-CGEcR_4cXRzBwB1RvdeodM4yW2b0DKBbXEeyZhlZtQdJtP-qq0h2REFSMh6AadFp2tVMxI2EFTi4E80DO5yU4qmcMir42hfAdyF9B4YLwdfnnf-fJaX06P3vFIs6HWhzYQqCTBZJ2lOUrm8zsTcrrRgVXJxaYMEbRCO-qYd8cq3BnD1CXB1TYqf7GURTDMYt38HTcbuqdP0SCn7K8QSsuNpga8iVOedVX2BjiCPxbWRDhBhRJ1OJTCRtidB_mZSBYPMNg99hCB6rn8WuXnyNz5et8MbgcxY_lu-mzYw5K6n46_wp6Op612xTs5emZU1vaJ1Ah3onbs7w1VX4NHIesi52YV0mQR1siCnjdg5LLNYU0zRkezj_U-mUaBo1vBRfQMpnNJ4sldNtjBHNoAu_Cw7ujNcYtS-NJOJEB3XXNSXgvcHT1BpbKFbSz8WYEKrwsEMVjoUvUKCOXWZGXDqE-XaCuVzV4BiROtYGl58mrgm4oqHFDdhW9O4TIH0XksHYR1PglB9u--yFpJlDi2sEASr_zps6dav_URQzQlXuQ20FYN_W2t6HSui2l13HIyKVMPZNOACFyXLx8tBwnKUYgG3J6KJzJs63dRkcgRpLGahingEp9um9hqFeMn0AtPazakC_CcFvLVpoGIxnNcETNMQz35t3qfeDZwdizTG_fSYpD1nFNEVqCRBsU8bgz8EPd8MfJxn6c3eIMLhLtexbMdrjo6kTM6t0AYK_VzZMqghtVtON-711O0ee6kraQCAUCXJlZ7cDbdP8X5qXYGcOexu1Bvtim397ECzZQl4SpKGDT7dpAOj744F34fCWKEGBrJYnxUIXjyuLT0Wh0Efdo0HhHjSa3s4YWxNVSd2KM4AD4ReY54_339ZwtOvEIE1D4gxqVweO-eKBtqZwlE4cbXUtL9Mle5WV5U-x-WzyFFQ7WgWC4tmV5Nm7H0O-neHZJKQRBcntz63Sxu-Xsp_j0FOY4FHmMjkX-p76Uqgg8tkPhRTCJ1G6eeFYNbfmnrFmdhKWIwQxPmbZbR8EcsiHam3aO1DStLobMfKXLE50rrGjOR6xDqaDedg5nyyeW4inuzwV1CC_yLpGE4c_8NUazBmp3OWPhScNf_VDT9wk2RzWlU0_ow4d9MGVOWy0kqaeYsPY6sMwm_96m-ALIt5nVd5CEtztvzTXxw51DUlqXSTKYcMAnFukk4cp1ew2buBZsk592Ya6LSZq2qFPMyJhblN9sh4doDysNv8umVrpSiaPYlsv2DVVP1tEubVdaiYoDHDurUhSJ-AJw5QKrWrXtDOAD_co-xP61vLV1WIlS-B7ww2sBZrEPccZaEf0yvBl55JwRyAFrF9Ip57YYgA7IMiwq426L1SKc8wZFrEfWMk4yozJ113_yabc1LGYAedwcEO7YqLcq8YdylXJnn5PKW5h6kqqY8d6S_vM-jSlngjSnusSfiuqQvXpat-GIj0PdN210UmYF-8ZaBrTH5stGjQ6ezvX9kDoOvdgDtKjj-F45LRxQLDnw6dqAyQwXmC9jZ_aCb1iyVD9V2ebTdTjJsBHT5JivTtv2zP-z93epStYKSJ5SBUnqz8OzJ-IXAnVNIj3s87KwW-cMgvlAwMp1yLcN8ddCVv5VhbLWPYFMtERCiBj7-4aLoHfFBw37nfFe0gSAbh20TT9M1GnZK5ETBmCE9RCuSrfMyA6DGfd4B-cQT_mEh8mMh70HlJ9y4emupHMHF-O-Tcm8ef_qBwP3-1p3PiY-dhQ5Kr9xvrRE13YOUlys_sxzDVp_36n-K4ZaIr1A-9_8PV0LbCUnTAMaODIGSVzjNG45XHQYAsQxZbhH45E-_qAeHhPN9r6oF-CTGaGd6FkJ0hm-tFszU3afqRtKZK-8rKRhkhYlHQLDXvjmYkVwV1wZTnCIRvqOm-VXAcsAWb6iCyHrha2jMLp1Y_uumiIBWDS83PzFkjrf2DGYMr90SYkv5Rvqi2EtnI-sjT9UE6HYf6OZGbOuhGaA9R--SqrobC29yxO5g_aTs08KdBAubQGKTqDgFG9g7EpjShhS51u7TDEk9f2ublOPF-7-tC8TC3goMdPeH4C3YFno4-cozyqfdFg8DJamAp8EcWgDjlbyNwWoiLoQOrNOWjXWYkjFORI5mQL9mg4KoRm0UTO3CXw0L_PBMMjEqfM8QepngX3epdyXZTWCkgoByB7KmmX2Gydg-SsTeZlcSTVZqjGtMPIqEcXH1oeJemAnsetX4wbz9hEWnqfXcdbUx61hUrC1TNd65yiMES1gV-L8gw-sfHHP9e14W5KFPbfkrK-I90GvzazItoyqin52JvgK8uxUCeeuRxUx7JtlvRW4oQQshdecJBL9PbzuGrkb-Za6ltWfMNk6yn5-nUQvD8qUANXEygrQ7B7yZQ0PGRrrZut6WBcwwhycv8uZ2eHWJ3UynfhUJccXQbPUmN-jE3_tqgWgATxhSw9dOR6sI5diQ8-S5ktXSKO-9pcHvYBrIyr52Gxw1dYUfcmV1t6z7CU4DguKoINf2OyT_kNf_7GTn9PrflCr_yiA0vTQ4J98DvSthgbSA3swSPpzBgXG_fuarlLvGk51hdePWmMFaXyBcS0wCfZ9zZ3o0a8H75cV6LvXbZwucks0gBVICVRr46vRORppK3ssu5nUgGvwADhyD45BjRL_Vte-Z9kTCKvru5zsfP3uidVNzzT8ApCBNVd1lPlybAKsX7wfWxgj8vNQcQRxTj7lkNHdgt95qHPStzy_OPnTJ5JZlYjar1QUmzwaqqNtKBw7ocbst8dtNlpBf40vi-6LF2YsciJnLNVJXWEkYkqgpLwafdH0_OnLsMEo8tVakkgA7NweiBw2_nyCOPEqZtU6QMPSysLkNbN9cEQ3SCHRTSonnYVty0OgXtOtjGsRfX_Xno21Rp1gdYrh-Sn1UF8Pq8KevVXLix4LOtkSTPsxlk6qh6dFR7YvYfgjdEEEm8p3Ti0pk_8mKuPYhPmrphSDi5vIVOWBsxNX2uZTm7Hgxk63rA8eL_bzDSfVfYghJGCvVZfPGz8O1Uvme7SmEmKE611kq2czFYGAX1xax9nQ_HwClIzGLxOgmvXg5jEQKbUndZRPpuP7s7Y0OlPvhd8r1iMVoY4PvIlNGnmc090GgO6W2X8ku9n5RM1DjUbqjmW5oisVt8_EL9r07fqQywQHICR-1NSns9TNI_cjotjBKD4MbG-Vza4Rt0jlh7XEJNXqco3w3PO7lIbN-VYaEUvoLknvkmJwCQ23zbEY96VqJWQKrijuJ5nxeAu_6orLs7JI6SoqMCcMWSz56OOuwy6ZAeWfIOPAr9x3Fy08Lk6Wnzivb3vUD2Jn2bpV9AdYWsOFITjXrAmsnTmo12px08KAnoP1vmW8ub6ZTjAFGNiBtej5Mk5NiG9UIH1D9T4Rrkuf7DjKxoNcsyyRk9pwnOBP3xvZq_Q7QH2DwA8MyWEQlAhYQtJrKBXru8glQ5Z5PQEzhukcdc3F-KHmTlz0Nl2khHRpNTs9pupmjn7ZlNpQMRZjdPaeyzDism3AwPqP0b7D34xjUp94aYFKhNzC9UvA_dtvc1vm4KxP7ATJh7GdKVYQVwC_pArwfk1zZEd9TLtKYZC80EKoHTyaOBme4cWOhGB37PPzzL2RbxGcu8L8gRbq4C6qu5pGBsQps5qNjp-8SGA7dJsiHTqlmE7Rgl0aLeCR9g-afSzfPzsDHlk59_2RaBz7vM8rjNGyRqMCYAcp9gCNGFMB29QcT-Lzn47KqRvBc-EahWktCAQheLzaVBDTy7zNWgnHSt1cSVw6z8Ck_fm1BQ1I9yib5iC13Cdq6E4aaXGe9-fCCWpDEi5DgdH13RUOj6CCllOeP1Qt09xA7yKAP1WOh67zMvR0&cid=CAQSTgAvHhf_wQ1tnkIdcqV20niKk2ZenpkbTyY5Ul6coDZ6WVPQDs6eW3gqNZ6bWhXvtnGcivQiuIhRGPH6H4H97gQK5qkSJ2hqsZfX1RIaxBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcolunadofla.com%2F&ds=l&xdt=1&iif=1&cor=797242510757915000&adk=3944675603&idt=104&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
78385
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:30:09 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame E7D8 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 17:14:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
428506
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 17:14:48 GMT
truncated
/ Frame E7D8 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa411e365e755452288fdcd76f77047d9add3515df614e149900b4bb6979ca39

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame E3A7 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
428506
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 17:14:48 GMT
expires
Thu, 16 Jan 2025 17:14:48 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/10322374245016296065/ Frame 49C2 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c2afe310f81e0cc65e85d2ef9550b4cdae58b8ee6317eb39b163f0c289ae2ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
58323
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2375
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 00:04:31 GMT
expires
Tue, 21 Jan 2025 00:04:31 GMT
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E7D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstEk_tIwtMGlBXFOrs7php_Kp53MevOQUk0VRkuQpAnuB7k4DGVr4my6D7Pg48a3eoPsCbmenlx-znC1JQlqwO2QnMD44R4XeG8nNgqM6LV3kj7eDp8X7sNIgPL4qq47RflIu9FmSEUL1dqEf1NdsNU_LbTABEbe4SS8_5RCY7lcofMgLX707ZlZOq8lb4rWkvAaprbh9WjoXc1tORG7iBtZQy1odKpBKt7cMKwD419z10P9plwTUBRx8fCp8dYoYuse6JX0yctol2dxYo4ZLmZ4RKkujI0rRRgdix9IeK3l0HjQCPgM14xjPjkb6Plo9MEM11H0egCmBRK6ksyFtGCbNXiyUsLyQK5kOlNOR2QYF-qwx6pPGzRszwWg8XDwhnyHl7P3FuAIjwbHnhL8s06qCoN6k05BBFgwSUO56PUr2fexOwaHznYjUh1TP-iYSaASBVTV3Kiw-v1Y3erpuicRP5RiGvv2dH8YnrZXcNmWwv5vS2aP2nve6KpBtSM3Fy_ehnYIhhOEclX4wFwH9-M6fPdcfzFgO-zasubjBzrAwgPJj1BQn7khFEwdan8n140b4d_w6z6jGFWpHepj-6SaEnHzyNQ5SoiHObrfHdpSJq2nv46vlS7b2v6Br7aTQxZ0UeGTI1xgytZUHQhZrTMf_3_ACH17-cz6iwcNMseZbDiT-V9LhdFD-BFxMMdqUTidrIXcdKg3E9Z6_1PylaJw4ZFyl_F9fzmYTXu30l1qIh_gN7CeCfsYV0uBlabVG69zBjst9YzS23NDA3cE8DeQftTawDI8g5itVe0gCT6e20_I_rFxfG47KXN7R6DuOJjyojnPGnVDi3pFX-Q__goHQODy-uZhwatPa582MScIPM89zY-Fixh4yadZz_-pAmfZupi1Tza1K6xsGB6ihsoxQuJ5mL4dcR1bIwXfcatW0hHHQqWfVTe_yt7mHqMTwAPDnAa3dSm5sHq4evLW6BfFdscDAfDwT3mhCvxy8pa_mC882mWRB9Cl75MDTzgkFzYBNbcwBryg6gQOpYdt87ADrctMBdJYACIpVlWSd0Mqpl83il80MCFtriSur528lNQg-r4yHWMa6b6QTmGvXKCw2eYDgXJ9omDw0M7kfNe8l-pnlfGoa8qSLieMrHrjt-W2g1l5CHAhMFFHoQsbgjLeL7l7u5eJ0enp6WHmEBdzjY7OGKlrubp32L_3ksxFtymTwmBH_Ej02wp5k2yH_eZQTyqDNCP7V2B8xtolrvBQfT1DJ8WUstxed1KH1FxarFVXYpsTz5uzMVqbsxC_r8AY2EL8MqWX_niSOqn42PxvffPjzOkvjVFw5-fiOq0jd--3vc4PHWpm3Ouo2aiPTAfJEOtSiZm-hdv9c81hcI9m-hcD5sftpkpRI9zqPZn4PIC9mOjhHw&sai=AMfl-YSOvuU7nQvdVgAgl1L0hE2zqDUl0xSgQeNzL9PWItIWxXzKk0GMXTXc8w2GQwMle0B1VGL1iv7hcjFM1B1rXxsJPZTIGwKpjQwZ-veT7igCX1XMD-L_duG3NhC6_kWQBozvE_Fjhtf14nMFfrNWxEJkHpKoDJxHycnuJUjk7yT3KUM242XRBkxFSL35IlWWvloXmN8aPPOuAhvttry1ORXsHkutQGP9cw_0ROCWvnN78WkQFMeeAJ7OJ8sfxuQ5pFJ9Pfwpev5c0i6UFCw_gbfNWu5NXSArYUMhuQ&sig=Cg0ArKJSzHZr0VVEza0GEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=37&cbvp=1&cstd=36&cisv=r20240118.24823&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 Jan 2024 16:16:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
style.css
s0.2mdn.net/sadbundle/10322374245016296065/css/ Frame 49C2 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
507a74eb21e9a16396d226f31f5e25345a8208db821d9fc5798284c38bec5e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 00:04:32 GMT
date
Mon, 22 Jan 2024 00:04:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58322
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2009
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 49C2 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6360109
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25267
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-62b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCarRgFoWT6%2FvDbKSp8Gs5BgIZTbrXF2xfyy0%2BCpWu3X6VjOCGFeZ47%2BJ3i0A9Fg8he2w2yX4BBmHXM8%2BhHyEr5QA56VI1vqixdUyQqNhcFhoBQhcTBJMUCQTO%2BfardvdxIGopyhP7yxRek6EGOfVNFZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84991a274d623681-FRA
expires
Sat, 11 Jan 2025 16:16:34 GMT
CustomEase.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 49C2 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6165909
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3299
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-ce3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJgnx2gv5d71oGxkjI1E5NPATTrzAyUmjMCIXSnP4if4QP1znd81LwcspG64FwZ9jZS6CQ2y51Cd1HyC%2BrWpHGwMfbQ%2BeydioBh0LLJdQ57msZtPfJg29cEpew4qsTrRxQjcTgC6VF3KDNLGITsDQJAL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84991a274d643681-FRA
expires
Sat, 11 Jan 2025 16:16:34 GMT
dyson.svg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 49C2 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/dyson.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 17:50:17 GMT
date
Wed, 17 Jan 2024 17:50:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426377
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1076
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
rtbIcon.svg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 49C2 		2 KB
811 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/rtbIcon.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 02:29:07 GMT
date
Fri, 19 Jan 2024 02:29:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308847
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
771
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
dyson-v15s-submarine-stack.svg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 49C2 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/dyson-v15s-submarine-stack.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bb76b6ed760de97f8a40e71c79ce9704e965bb287761bd81fb2fb021b8609c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 11:25:10 GMT
date
Mon, 22 Jan 2024 11:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17484
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2891
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
1-min.jpg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 49C2 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/1-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bb76af1be9c401ef3da16e31401b74f7cb0627154925d8c9fa308fba2e1413c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 00:04:32 GMT
date
Mon, 22 Jan 2024 00:04:32 GMT
x-content-type-options
nosniff
age
58322
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26291
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
2-min.jpg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 49C2 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/2-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
372360f6d3fa2133dfbf08ba93b3b55985785cb74106d75839618b7d273dd3c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 00:04:32 GMT
date
Mon, 22 Jan 2024 00:04:32 GMT
x-content-type-options
nosniff
age
58322
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25258
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
3-min.jpg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 49C2 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/3-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca4c3ad9639830e6f8f8e29775549fc24fcab33b4eeec7ae77da27c5c9e6bc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:24:16 GMT
date
Wed, 17 Jan 2024 02:24:16 GMT
x-content-type-options
nosniff
age
481938
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20858
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gradient.png
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 49C2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/gradient.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b67702d4e78a4b6d5981a50298b0989dea48fc7d95b5e593dfafbe96cdbb309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 22:26:04 GMT
date
Tue, 16 Jan 2024 22:26:04 GMT
x-content-type-options
nosniff
age
496230
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4218
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
4-min.jpg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 49C2 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/4-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19dc5f765d51f715497f0eadd0dede8eaa5ee17447a22db60538f60ca7c0a01d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 11:25:16 GMT
date
Mon, 22 Jan 2024 11:25:16 GMT
x-content-type-options
nosniff
age
17478
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32615
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
overlay.png
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 49C2 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a72990ce8413aceedbfbf2f1d7ca2231c726b29a4ab1ddbca32b45ad685b4e26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:14:10 GMT
date
Wed, 17 Jan 2024 02:14:10 GMT
x-content-type-options
nosniff
age
482544
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14477
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
arrow.svg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 49C2 		192 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 00:04:32 GMT
date
Mon, 22 Jan 2024 00:04:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58322
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
161
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
script.js
s0.2mdn.net/sadbundle/10322374245016296065/script/ Frame 49C2 		4 KB
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/script/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a55f386367cbcc30390435806075251b8ef4afb086409bc8e301558223398245
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:12:29 GMT
date
Wed, 17 Jan 2024 02:12:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
482645
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
982
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
pagead2.googlesyndication.com/bg/ Frame E3A7 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:17:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
482371
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19704
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 02:17:03 GMT
11822513
api.attentionxyz.com/api/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.attentionxyz.com/api/event/11822513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.222.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.222.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
accepts,amt-event,content-type
Access-Control-Request-Method
POST
Origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accepts,amt-event,content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 22 Jan 2024 16:16:34 GMT
vary
Origin, Access-Control-Request-Headers
via
1.1 google
11822513
api.attentionxyz.com/api/event/ Frame 4C61 		2 B
17 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.attentionxyz.com/api/event/11822513
Requested by
Host: attentionxyz.com
URL: https://attentionxyz.com/160-3c6e1570/amt.js?tagLabel=Dept_Agency_cm360&attrAdvertiser=11822513&attrCampaign=31208750&attrSite=7847497&attrPlacement=385568821&attrCreative=208026589&attrAd=576600420&attr1=%edclid!&attr2=j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.222.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.222.117.34.bc.googleusercontent.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accepts
application/json
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Amt-Event
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJhbXQtcHJvZCJ9.8dotrQPk6rXdTZUfYiTmmCx3BKBZ0ngS9huOY_9Rk9s
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
via
1.1 google
vary
Origin
content-type
text/html
access-control-allow-origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
dysonfutura-book.woff
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 49C2 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/dysonfutura-book.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/css/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 23:37:24 GMT
date
Tue, 16 Jan 2024 23:37:24 GMT
x-content-type-options
nosniff
age
491950
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7928
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
view
googleads4.g.doubleclick.net/pcs/ Frame E7D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstEk_tIwtMGlBXFOrs7php_Kp53MevOQUk0VRkuQpAnuB7k4DGVr4my6D7Pg48a3eoPsCbmenlx-znC1JQlqwO2QnMD44R4XeG8nNgqM6LV3kj7eDp8X7sNIgPL4qq47RflIu9FmSEUL1dqEf1NdsNU_LbTABEbe4SS8_5RCY7lcofMgLX707ZlZOq8lb4rWkvAaprbh9WjoXc1tORG7iBtZQy1odKpBKt7cMKwD419z10P9plwTUBRx8fCp8dYoYuse6JX0yctol2dxYo4ZLmZ4RKkujI0rRRgdix9IeK3l0HjQCPgM14xjPjkb6Plo9MEM11H0egCmBRK6ksyFtGCbNXiyUsLyQK5kOlNOR2QYF-qwx6pPGzRszwWg8XDwhnyHl7P3FuAIjwbHnhL8s06qCoN6k05BBFgwSUO56PUr2fexOwaHznYjUh1TP-iYSaASBVTV3Kiw-v1Y3erpuicRP5RiGvv2dH8YnrZXcNmWwv5vS2aP2nve6KpBtSM3Fy_ehnYIhhOEclX4wFwH9-M6fPdcfzFgO-zasubjBzrAwgPJj1BQn7khFEwdan8n140b4d_w6z6jGFWpHepj-6SaEnHzyNQ5SoiHObrfHdpSJq2nv46vlS7b2v6Br7aTQxZ0UeGTI1xgytZUHQhZrTMf_3_ACH17-cz6iwcNMseZbDiT-V9LhdFD-BFxMMdqUTidrIXcdKg3E9Z6_1PylaJw4ZFyl_F9fzmYTXu30l1qIh_gN7CeCfsYV0uBlabVG69zBjst9YzS23NDA3cE8DeQftTawDI8g5itVe0gCT6e20_I_rFxfG47KXN7R6DuOJjyojnPGnVDi3pFX-Q__goHQODy-uZhwatPa582MScIPM89zY-Fixh4yadZz_-pAmfZupi1Tza1K6xsGB6ihsoxQuJ5mL4dcR1bIwXfcatW0hHHQqWfVTe_yt7mHqMTwAPDnAa3dSm5sHq4evLW6BfFdscDAfDwT3mhCvxy8pa_mC882mWRB9Cl75MDTzgkFzYBNbcwBryg6gQOpYdt87ADrctMBdJYACIpVlWSd0Mqpl83il80MCFtriSur528lNQg-r4yHWMa6b6QTmGvXKCw2eYDgXJ9omDw0M7kfNe8l-pnlfGoa8qSLieMrHrjt-W2g1l5CHAhMFFHoQsbgjLeL7l7u5eJ0enp6WHmEBdzjY7OGKlrubp32L_3ksxFtymTwmBH_Ej02wp5k2yH_eZQTyqDNCP7V2B8xtolrvBQfT1DJ8WUstxed1KH1FxarFVXYpsTz5uzMVqbsxC_r8AY2EL8MqWX_niSOqn42PxvffPjzOkvjVFw5-fiOq0jd--3vc4PHWpm3Ouo2aiPTAfJEOtSiZm-hdv9c81hcI9m-hcD5sftpkpRI9zqPZn4PIC9mOjhHw&sai=AMfl-YSOvuU7nQvdVgAgl1L0hE2zqDUl0xSgQeNzL9PWItIWxXzKk0GMXTXc8w2GQwMle0B1VGL1iv7hcjFM1B1rXxsJPZTIGwKpjQwZ-veT7igCX1XMD-L_duG3NhC6_kWQBozvE_Fjhtf14nMFfrNWxEJkHpKoDJxHycnuJUjk7yT3KUM242XRBkxFSL35IlWWvloXmN8aPPOuAhvttry1ORXsHkutQGP9cw_0ROCWvnN78WkQFMeeAJ7OJ8sfxuQ5pFJ9Pfwpev5c0i6UFCw_gbfNWu5NXSArYUMhuQ&sig=Cg0ArKJSzHZr0VVEza0GEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=169&vt=11&dtpt=132&dett=3&cstd=36&cisv=r20240118.24823&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame E3A7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BU0Xj4pSuZe3SEcnpx_APlu-YwA8AAAAAOAHgBAI&bg=!fH-lfzDNAAZVxkGXdcY7ADQBe5WfOGrWvonzIuWt6qktXnrsgytIZzJLUqEDCfKl5HtJokG1bsQXTUrvRJip2z-6hSrOAgAAADtSAAAAAmgBB5kC_kt8y4MyOivocFSRna_GbzUsVIFXkbPi7hOMPuZ9PgPQ52bFbEQ8J-1efpHVNjm5lFLLD7nN3lZSyVMQ8OdoYYhsKDxwVh-UKkZ4OvVqaTVr8cDMMIGhBvWBUqhmqdJnhohAaxgtTdKRBxQgz1MSaV1-DGGaf5aOj-Klwu90uLfEjbR8r5EkxYa_LkJCCFfUHPPQGHUioyTBKxj8o30CW623RBhkhce3llxJ6bCixGEqAbxFiG_p9JmqrC9meYneum_uN8AuRhPXhcNAARLIqbPjPsf6bkaj7vWfPbtZ0zmJlfQ7sDfQKrjNvwxGFTG8DVaBBY5nELjhebYDBTGzqapKsYukGZ-AurgO7Re-64vpl4J4w9p6QeTaAaKO73-qb8v3WD-6phEMEciyBs-6f-ibgigiIV5UmCM6vtQGw4LQhR_MsMBVU-a3inFBlSfZ_2Cy6wmoyCuX528SfDbMJan4YVB293aGjpaxu9JZCsA1TnbqyAWPWC4moaloXCuDUpWOjjBjss90jXCTAitJYL9YxnYDgKEY5Kpci53Xo6Odk6WiD5jY5fntAB4g_4Cib73sMXw5MgGqPkDBhM62pt_gE6objxlNRQTZ6FCDQ_zT54vja1WgRFMcFJTVeinPm4QEZijuJPOfXbLnM8sxfid6ALqGSrKSEVFmk0EN3DaVW2GqS_kuSl0wg0xZAR5rP_600e25uR4ghER9tupZvDKNY6IMpRTmLTogHA0f6-mUj5QElTBai_c_4WQgLL1CDiAb5tvhXStCGaWjd8sxE_Mry-sVzn4pBqUCRn_n0vFQHkZvl39EvHERsNqy11_IsBkOH3uByJX3X4DRU_0cITYABqT3w18M5Wfpi8uRMkt_4xSOvQ8p-5sqhBwgJmjjrO5LZ9hDrKW_4ArTy2L9FgKX-3vasxefWVfoazYq_9VHR-xNjWXDu2X3kfaFEkITPtNlBaw7bCJQHu6BkrOaS5DYDtR_6S1HITCF-HunQqkZsd7x0vg2jhiHhM1yNis
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
__tt.gif
t.tailtarget.com/ 		43 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-11382-4&tE=0&tF=&tI=___de_1705940194133_3648182147&tJ=&tU=0100007FE194AE659706297502F8025D&tX=b.52&tY=1&tZ=108954148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
/
4funevyslk.execute-api.sa-east-1.amazonaws.com/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://4funevyslk.execute-api.sa-east-1.amazonaws.com/?hash=3b3465aa4b7ae7631900e5ab3dbd7fe2&t=2
Requested by
Host: rtads.s3.sa-east-1.amazonaws.com
URL: https://rtads.s3.sa-east-1.amazonaws.com/rt.js?hash=3b3465aa4b7ae7631900e5ab3dbd7fe2&t=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.207.143.148 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-207-143-148.sa-east-1.compute.amazonaws.com
Software
/
Resource Hash
e4e05b04e7bd1147f1f2913f7ea7c9278f19b6540e54f6085a474047df1c19f3

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded;

Response headers

access-control-allow-origin
*
date
Mon, 22 Jan 2024 16:16:35 GMT
access-control-expose-headers
*
content-length
2816
apigw-requestid
R8wzijgiGjQEPSw=
content-type
text/plain; charset=utf-8
container.html
48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DA11 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://colunadofla.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:16:33 GMT
expires
Tue, 21 Jan 2025 16:16:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4.js
static.adsafeprotected.com/ Frame E7D8
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1874223/77019481/4.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-8170966538152543&ias_chanId=1&ias_placementId=20839934288&bidurl=https://colunadofla.com/...
  • https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_4pSuZe3SEcnpx_APlu-YwA8&cbFunctionName=goog_wrapCb_4pSuZe3SEcnpx_APlu-YwA8&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_4pSuZe3SEcnpx_APlu-YwA8&cbFunctionName=goog_wrapCb_4pSuZe3SEcnpx_APlu-YwA8&true_pb=
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:2450:e000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
chJzWGuhkrqyagXtH_ztVZhv7KoeCC.y
content-encoding
gzip
via
1.1 9f4aebedb96f04eed26848dbf2d55694.cloudfront.net (CloudFront)
date
Thu, 18 Jan 2024 21:47:27 GMT
x-amz-cf-pop
CDG50-P4
age
325748
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Thu, 11 Jan 2024 21:47:25 GMT
server
AmazonS3
etag
W/"eb639ea9c60fa52fae8bd853911ab0a9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
851rZoAzi_mRdr4ryLQsTpzUPQdSTYnUQ1cTgU38X7VtxDWBh3UQ4g==

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
server
nginx
x-server-name
app02.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_4pSuZe3SEcnpx_APlu-YwA8&cbFunctionName=goog_wrapCb_4pSuZe3SEcnpx_APlu-YwA8&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 4E37 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:e000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 10:50:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 9f4aebedb96f04eed26848dbf2d55694.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
2265978
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
3c_tDdjamm1C9NcD8SAezp6XqclUeorgiMoXUFuvzKzR1smkGWmCdQ==
dt
dt.adsafeprotected.com/ Frame E7D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=e6e6cb43-d112-5d96-5a03-45b5fbae2e9d&tv=%7Bc:22ZZYY,pingTime:-3,time:30,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:11%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:30,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B25~0%5D,as:%5B25~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u26PcEG+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C19%7C1a*.1874223-77019481%7C1a1%7C1a2%7C1a3%7C1b,idMap:1a*,rmeas:1,rend:0,renddet:na,siq:12%7D&br=c
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame E7D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=e6e6cb43-d112-5d96-5a03-45b5fbae2e9d&tv=%7Bc:22ZZZ0,pingTime:-6,time:32,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:32,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B27~0%5D,as:%5B27~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u26PcEG+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C19%7C1a*.1874223-77019481%7C1a1%7C1a2%7C1a3%7C1b,idMap:1a*,rmeas:1,rend:0,renddet:na,siq:12%7D&tpiLookup=ao:colunadofla.com*&br=c
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0A04 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARijme6CAjAB&v=APEucNVkabyECYbA6t9BUbMZmZ845RHEkTdyMvoqp36Q9GQ2elL6LCAadIY9fe0wLU3pSsQTkd6UoMEHpXME6TECmatFY-CzIU3OP6CBOjFwOJeZ_pOLSj9MdXiFisMgA3tng3ZAshOlSa5j6cQCwlTSVCjCi9R2QXyrkXXLkSCH1RacdZVA5-OT2TFFTeOJYwGTZejh4VZD4mQduqW_lYGhOrDVsFxIKQ
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:16:34 GMT
expires
Mon, 22 Jan 2024 16:16:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame DA11 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 23:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59250
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 Jan 2024 23:49:04 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame DA11 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:37:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
77926
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:37:48 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame DA11 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
78266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:32:08 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame DA11 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 17:14:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
428506
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 17:14:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame DA11 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 09:41:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
23709
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 09:41:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame DA11 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:29:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
78437
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:29:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DA11 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DAMRDSeLWiNGg0O4LMI-5to07-sB40GJVes9CFZWvbH0WHzKI_TT2UKLCG2-xzJ51SC_sMBX12xwZxoo5g4eYZmkecSR6xGWsKpWYlyXBehZPJfN0
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DA11 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 16:16:34 GMT
dt
dt.adsafeprotected.com/ Frame E7D8 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=e6e6cb43-d112-5d96-5a03-45b5fbae2e9d&tv=%7Bc:22ZZZc,pingTime:-2,time:44,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:449,beZ:450,mfA:452,cmA:452,inA:453,inZ:455,prA:455,prZ:458,si:460,poA:461,poZ:473,cmZ:473,mfZ:473,loA:480,loZ:482,ltA:493,ltZ:493%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:11%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:44,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B39~0%5D,as:%5B39~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u26PcEG+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C19%7C1a*.1874223-77019481%7C1a1%7C1a2%7C1a3%7C1b,idMap:1a*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:12,sinceFw:32,readyFired:true%7D&br=c
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
server
nginx
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401170101&jk=294181521280792&bg=!fH-lfzDNAAa8BdJLnAU7ADQBe5WfOC5ybFBeNQibVccneSx360uawSedXqyE8uCm7QlsP0_gkQ8hb4ccP2Iikftqn2t5AgAAAGFSAAAAAWgBBwoAb823pWEh99Aa3h293EoUHBNiZE1xO3JlCRTUVCLpNpefbju6GcCRcUB6s_WAhFVIRPp30L1YUJpvrpOaCUfq5FMsatf2t_NI8s-CD4X5fnqk97fk6tZxbG566Cidx9CB2rVH3Ha1fuLbdHvO5qDk95kCuMg-cMpRYCsyf_g1Uv4Mb0j9i0Mp0o1WZaT9pdwmg_EiOnMl_ACdBjZ80CE4eQCGGJrrUuT8cZUkDCJ0o1H51Dz9OTu7jHauANMzz4CRfiixx07Q3bptIYRry_SbiZD2hbrvD9_Kpy-IJguSeGgY3341WdP90ci3jfGFngg_8g3G3DUTrRDDKToWE4CRMI5VdPX-4Y6HxdUAmKdXB29KpgvhdWDFJ-5kDGTxksu4csBGsPGvrMulgnYOwjY1g9XsdVJsYxyJ5zvacITaN-r3E8PNJtKvK413--vJp8499OiDyaUOCbRZk6joTyUNp9_BNKT_-H0EzTZ2hJ5K3Mi-LYTIOPmF1SFvEjMI70huDjoP9Kfj7Y5qoVsYoBz-ZQl4SihiFepPIv8C69e-7zsJ4tnjO_HE9sJRWbY3ynEFCfBwpia0L_B1sxhB3YypoJ6S3xctvNx3Y2g6LvYLRatTdU-TxlRxE95uwA7rkv_yiakjArNJNSCpw1umUZhaTsfsHoqPazacRUPs3GxbcvRsVVmOqgcT6_922ODNcSWc9FqwSgej071ft5XiobhbWN8DXvkhGoARowIcTbCK121_mfLdNUxghxZIg70-9yicL6_2iBDQxzxu4aNpPxMdztg9grNngXA6kGUrrz5whv-HcG1AW7ks6SNPlmRlhoBZrMr2a9MQn1vaBFt0fBnY1YOG5OiHMH_gyeA2Y_YAjY7rXUrjCLfRq3fSOTQ5CPtM64qvdtCHPm2kSAStwEOsjbbytsG1st0jcvC3srabDZ6rvm_dYHuMVzRoUQGR81ojKQAuF1As5qso7qujmp3tKIs6Vl8-zIix1Mgj5EBj_OOdL9ph7tqnzyn-5jzNESdfTAt4N7uvjGPOvzuo7pEKq24qLRosMMmFzbv6uN-9yWdqDbA4rA5tDmopaw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 5BBD 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
428506
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 17:14:48 GMT
expires
Thu, 16 Jan 2025 17:14:48 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame DA11 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d10d13439e9b8fbb9782ee37cca7b50e04c8cdee301e1549c18bda85da3b0b77

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
300x250.html
s0.2mdn.net/sadbundle/3246924247423529428/ Frame E048 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3246924247423529428/300x250.html?e=69&leftOffset=0&topOffset=0&c=mDasyO7XEQ&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cdcfa51bf7c0951161cf2e242a6ebfda64367f3aabce61b9a3a92b68baa0b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1654
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:16:34 GMT
expires
Tue, 21 Jan 2025 16:16:34 GMT
last-modified
Mon, 06 Nov 2023 16:08:19 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame DA11 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjst5Daon5lFyhDK_rj27K5GZ58R9EUnZHyYqvGkqSaGOpwhlfagMF2PMTBadADTcqAXkCis4zYjNGjSj6S_7hlDNyq25BIw3W8RD5kWESWSv3ZWq9z9_hqX2PWsQJ0_Tz8eMkhv_yRE3QDZFgoxdeXk_j5OFUFnYtp4JaUWd2ye0QfTDyKkUosRbXYuCZ_f5LcLjNYUTIOzgdZ1jxgB2KyyMXjZ7jeAy_3VRORsOEX2d3A3uVQ9yL2rS13r-CwG2uvFAWSaMHfGv2dPVvSotmgAX8uA94r_6VmKRO0_qAP8kGI5apv12Q0EmHkCGSpsqCKnvYanT2pFxf8ZGfYR361Xs_EZKYR7mMb9OD4qw9kpsepA113j2aNy3vOUPnHsUqRTubUEtiw4O7bNP3Sh3KW0w-80wnOshIQBIe2ZfsjhhSaD0ehtmI4IyOMHZ6_bW-oxTQWvCOCZiHuThNCE33PPUO-ii1bSkE_4n0ImvoPaigIbXlJWBHP6RyALCd3fbjcn5m72gZgGhq17yLOE14O3gCxkVu1nG3840Dp7xrgM4CsxL1DHSTJHtdni2t3t_239hLvueqt_WS_DkBgKTdmb9NmZLeRWl0u-w0Rpbj6d-XK5E3Yx0B4SMFIm0Dwrgs6eEXRoFwjMca5620_VlKV1sExpgNclwc9CxLsazYWYKZ6sl3n2JrDOd_YPxzuqAkTDLiYIIZ8NM6dxzUjbGaJa-lgKK-jxIAq1jns6G_rEi4554ghCCJIkmULx6QQjpjN5l0sll9oTzrCQexaLZRWzrkKgSPcKtJW9q_xKjhJeSpaySKxvmGZwphcrn0UfKR648dk37a75oHc4xx4w2jBfTPBShxSUJajhFV_5mi7qMm30_Q-r8c0OT_CIrQIiJ9-CwljZRFAs46t_Tf0JAi57V6wFrdB2J0U8BWFmY-S6ZrlOtfEYfwIQiUr9tkApPe2YlLoJ9Jnj2aRjDGDebUpa-gL0VVViBLY8l_EpD0z5ikTUZtYWXk6RA9TYYToNCYlWgMbzbyfe0Oesg2i0_KO5lfGqhmeA8ELtJ2oPxazl4Doj8LMv6w2snNXGt24RV-OwVY5ogxunOcJUUn9UXQroWhLNCMxWp6QbW0JYcbDtVk7P1P1uNyAjJtIoWy3-IPBhZnU3k4ph84vFgqwDSEmaqHrsiBEyZ9tgpFTNS9bzcuC2eBH_i2L3aiq3NB4TsVPCzoapMo-9efe8MeWpNRs3UCeyWHHWt1sWsuht6RCwvgsfrcik35K6inzTDExPWKEBzv_8fqRCo3vpIEhK2RFp61i_leMcDYl4U-GcfCQq-aTJLXZnJv5-9MhiDDM7qw-tdV5kYgwl6heQu8E4yCuOqOVOaYL_oeQbMQg2zURfPavPL6EQgrPBB-cjAY0zkbEFC9YHLik-hpG9lg7vI084efsVkGnYggPLeMD9qhvsjKd1NGfyzUqO_EkQ&sai=AMfl-YRpTNAe723E6Z7txcWi_qEByuh35M0LOvUP2BUaigO5pIJ6gjbpttL73VlAaY9rTm8zDIj5dOfgRQGyYul7j_xzYSw9dFZyZ_dLBVGo-LKjKa2lALAgDLncdoAQ_K4AxUkTIbb4g28dB1_SXEpq6kx7vVCJ6WyOVVhOLR1_HENl38ub4CkcORBGMPFJqi9-rJrrECv7JvZiJmiuvhNFFG_d3YdO3ktpwSsDT2c_dcksqueVM2dqcooMM7dNwVyE3LWCm9bBmvNxbfGSi_hEUuoakaxZE-joM9XlGcyB4jdnDt0cnD6eTnI4qyKjVwMDsGRDUSNEyvJr6_cogvDjaz7gQdstk-jO1tj6HYwC0Qx7_u2JOd0_3LYF2wVEIO2sgfjAP5NyQQHrl5LoStir2IKgHaymmTOTWDDbATdCukvQzoO3x0f92xcwHm_pBeweYGzxcVty0-tvpRlxL5qH-RdBYsf93nf5zGjv19OUOa-pu6H1m5X5u9wcGulllO6TmnSqxG047cJT&sig=Cg0ArKJSzDzQY0nAMMb_EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ydGwuZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=55&cbvp=1&cstd=47&cisv=r20240118.94818&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 Jan 2024 16:16:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 0A04
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARijme6CAjAB&v=APEucNVkabyECYbA6t9BUbMZmZ845RHEkTdyMvoqp36Q9GQ2elL6LCAadIY9fe0wLU3pSsQTkd6UoMEHpXME6TECmatFY-CzIU3OP6CBOjFwOJeZ_pOLSj9MdXiFisMgA3tng3ZAshOlSa5j6cQCwlTSVCjCi9R2QXyrkXXLkSCH1RacdZVA5-OT2TFFTeOJYwGTZejh4VZD4mQduqW_lYGhOrDVsFxIKQ
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2B3iZAO95qI%2FEZ1Ecr4I4dOnqOwIAKD3hureUfFDc4VixkIEXvKqlUJvqda4MB2kOmp0CPgNwnYYhj%2BIcuY3dVUeu2HD1Ff6jZJY41Um7KPY5q2gfmfdPYslBWZN%2BznRx%2FiLq7GOfCVW%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84991a293b2e2671-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0A04
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za6U4ZN7oIWYpN0MSEQ1kAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARijme6CAjAB&v=APEucNVkabyECYbA6t9BUbMZmZ845RHEkTdyMvoqp36Q9GQ2elL6LCAadIY9fe0wLU3pSsQTkd6UoMEHpXME6TECmatFY-CzIU3OP6CBOjFwOJeZ_pOLSj9MdXiFisMgA3tng3ZAshOlSa5j6cQCwlTSVCjCi9R2QXyrkXXLkSCH1RacdZVA5-OT2TFFTeOJYwGTZejh4VZD4mQduqW_lYGhOrDVsFxIKQ
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzKz8eUCODJpIZFdbmZoDJY7aNOL6Cl%2FPubctCWcURGN9YkL3NuiE8VNwPX7PgfJLyKP18OFfEbdnhj%2FcV4Hrx1Ts1Sb1IDpvyQIY8EmydSNX%2FNfIor4cMQ3tH2Ng3oh7unkBY%2Bgh1Uc0A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84991a298bc62671-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0A04
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIcvZB41U-A7JknQjC4Xb7M&google_cver=1
43 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIcvZB41U-A7JknQjC4Xb7M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARijme6CAjAB&v=APEucNVkabyECYbA6t9BUbMZmZ845RHEkTdyMvoqp36Q9GQ2elL6LCAadIY9fe0wLU3pSsQTkd6UoMEHpXME6TECmatFY-CzIU3OP6CBOjFwOJeZ_pOLSj9MdXiFisMgA3tng3ZAshOlSa5j6cQCwlTSVCjCi9R2QXyrkXXLkSCH1RacdZVA5-OT2TFFTeOJYwGTZejh4VZD4mQduqW_lYGhOrDVsFxIKQ
Protocol
H2
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
an-x-request-uuid
b0ecf730-66d2-4fd5-b83f-3f4c24e5ca24
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.215.131; 217.114.215.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIcvZB41U-A7JknQjC4Xb7M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0A04
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2NDE4MTQ3NDcxMjczOTk0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2NDE4MTQ3NDcxMjczOTk0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARijme6CAjAB&v=APEucNVkabyECYbA6t9BUbMZmZ845RHEkTdyMvoqp36Q9GQ2elL6LCAadIY9fe0wLU3pSsQTkd6UoMEHpXME6TECmatFY-CzIU3OP6CBOjFwOJeZ_pOLSj9MdXiFisMgA3tng3ZAshOlSa5j6cQCwlTSVCjCi9R2QXyrkXXLkSCH1RacdZVA5-OT2TFFTeOJYwGTZejh4VZD4mQduqW_lYGhOrDVsFxIKQ
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
an-x-request-uuid
357f1b12-6258-4106-8863-cc9e92ef8d09
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2NDE4MTQ3NDcxMjczOTk0
x-proxy-origin
217.114.215.131; 217.114.215.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 5BBD 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 10:08:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
22082
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 10:08:32 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame E048 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3246924247423529428/300x250.html?e=69&leftOffset=0&topOffset=0&c=mDasyO7XEQ&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3246924247423529428/300x250.html?e=69&leftOffset=0&topOffset=0&c=mDasyO7XEQ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 Jan 2024 16:16:34 GMT
300x250.js
s0.2mdn.net/sadbundle/3246924247423529428/ Frame E048 		141 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3246924247423529428/300x250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3246924247423529428/300x250.html?e=69&leftOffset=0&topOffset=0&c=mDasyO7XEQ&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf89bd783d6b836aeaaa801080e2fc096e835f3a9bcfe17af07cfe76546a4a09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3246924247423529428/300x250.html?e=69&leftOffset=0&topOffset=0&c=mDasyO7XEQ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:17:49 GMT
date
Wed, 17 Jan 2024 02:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
482325
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26162
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:08:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
Enabler_01_250.js
s0.2mdn.net/879366/ Frame E048 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3246924247423529428/300x250.html?e=69&leftOffset=0&topOffset=0&c=mDasyO7XEQ&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3246924247423529428/300x250.html?e=69&leftOffset=0&topOffset=0&c=mDasyO7XEQ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 11:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17950
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Jan 2024 11:17:24 GMT
clicktag.js
s0.2mdn.net/sadbundle/3246924247423529428/ Frame E048 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3246924247423529428/clicktag.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3246924247423529428/300x250.html?e=69&leftOffset=0&topOffset=0&c=mDasyO7XEQ&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea51f498a2e11e522503ca4033674ae7233a3d2a5e5fe9c07491f5fbe5883ac7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3246924247423529428/300x250.html?e=69&leftOffset=0&topOffset=0&c=mDasyO7XEQ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 17:55:58 GMT
date
Tue, 16 Jan 2024 17:55:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
512436
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
995
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:08:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5BBD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B5ths4pSuZeXXBo6S7_UPgpS7wAkAAAAAOAHgBAI&bg=!ExClEF_NAAa8BdJLnAU7ADQBe5WfOCiHE8mXzM9U06BXXQ1FR5bloriZlKWHI4ZQELZnXS2PgF11tF5eyGYyN0G_KfKHAgAAAClSAAAAAWgBB5kDEOyYvpmnbLyALGnNN9KlIbXUoevI-yVetX0HhJGcVxPMit7kIHfkrf8TmKzBua4TrYRR4KtAJj97Le4obuXNRFakMy1y3oXe7m3UMZyrobNtcRoVEo-cPLmu6HSR8PJ-QBrMQ_70OvqY3kVs9awni5-Dv0d_1WgT1Pm6AW51hBfxsyKzzw9gQfUfWaOBXZfeeGZmNDfHhq0XEw4nSd9puG9r9fzm7PpUNisr_4OTstxJ8XKrkLHKj1AicrQ0pIHm_g__Ju5KzW5eKHos48e3kwPjgHxgHqIP3ZJ2PMRh1U9PIz9jk7OAHKkHPe7Zs2N4j-E2XiZYQn2mv3gXwyY63ZxD1PRLLEA0JdnANzUaVPuikfVCPKFUXWyoXH5T2C1b7LpU3AHKAWXxW-YVFKRA8-FyahAgyiT8xdyzYsOA1pYSkYj6-EpwliMfESSfA-8V5PtFSQJUajFe_lfx-hzbdtjH3iekGvZ6BuAybOX3eLOyUBsenOskF4d0r-2-6nFCCVjXFYqZ-VkbVMz5Tk60Je5zBTSif8CTZ9h3wv-hEkYv_Yi-6WI08Dcgdyd06HeBNLBDcJqM_5MPbJY4PW2pOxhsa1mljXz9t3EdrXbTZl7SUD8PCMt0VgEWHm7t8OCTNN-zMLUNLRwB5Lm5W-c42tGRKQvashF5PeN29N6hwxQruP9g00mitCC-ZotVgjbrR1aWozkfUqHzzavpdRk5ngL91MC7swxSSy8eOgsqNjRvoRL-Wey-zCjQ2EfI4__f_yShopmPS0kPP2UriW1qSLCjaXZNVfS8vr5QSbj0B6IT8aCwZ9cBCK34rngR83WxPq9gfqGSPE5gKMrgnkvV4DljzpkVcEmtFtbcmR63BwpyHIEoGskWKcIryLPdElmYAEVuR-8s61FfnqIYSAi01VXRNriwIrYG_Elet52wiuiXe2qmyBPVlI7tlAdWfhiyfCtZ_X5pvjGI5xZPc_ZwM-WJBvzktd-tncNAjXlvgALUCrN1oSjthUvrQW3K5AeD_HlC44q6_23M5RjK7lffPs0
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
ad.doubleclick.net/pcs/ Frame DA11 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjst5Daon5lFyhDK_rj27K5GZ58R9EUnZHyYqvGkqSaGOpwhlfagMF2PMTBadADTcqAXkCis4zYjNGjSj6S_7hlDNyq25BIw3W8RD5kWESWSv3ZWq9z9_hqX2PWsQJ0_Tz8eMkhv_yRE3QDZFgoxdeXk_j5OFUFnYtp4JaUWd2ye0QfTDyKkUosRbXYuCZ_f5LcLjNYUTIOzgdZ1jxgB2KyyMXjZ7jeAy_3VRORsOEX2d3A3uVQ9yL2rS13r-CwG2uvFAWSaMHfGv2dPVvSotmgAX8uA94r_6VmKRO0_qAP8kGI5apv12Q0EmHkCGSpsqCKnvYanT2pFxf8ZGfYR361Xs_EZKYR7mMb9OD4qw9kpsepA113j2aNy3vOUPnHsUqRTubUEtiw4O7bNP3Sh3KW0w-80wnOshIQBIe2ZfsjhhSaD0ehtmI4IyOMHZ6_bW-oxTQWvCOCZiHuThNCE33PPUO-ii1bSkE_4n0ImvoPaigIbXlJWBHP6RyALCd3fbjcn5m72gZgGhq17yLOE14O3gCxkVu1nG3840Dp7xrgM4CsxL1DHSTJHtdni2t3t_239hLvueqt_WS_DkBgKTdmb9NmZLeRWl0u-w0Rpbj6d-XK5E3Yx0B4SMFIm0Dwrgs6eEXRoFwjMca5620_VlKV1sExpgNclwc9CxLsazYWYKZ6sl3n2JrDOd_YPxzuqAkTDLiYIIZ8NM6dxzUjbGaJa-lgKK-jxIAq1jns6G_rEi4554ghCCJIkmULx6QQjpjN5l0sll9oTzrCQexaLZRWzrkKgSPcKtJW9q_xKjhJeSpaySKxvmGZwphcrn0UfKR648dk37a75oHc4xx4w2jBfTPBShxSUJajhFV_5mi7qMm30_Q-r8c0OT_CIrQIiJ9-CwljZRFAs46t_Tf0JAi57V6wFrdB2J0U8BWFmY-S6ZrlOtfEYfwIQiUr9tkApPe2YlLoJ9Jnj2aRjDGDebUpa-gL0VVViBLY8l_EpD0z5ikTUZtYWXk6RA9TYYToNCYlWgMbzbyfe0Oesg2i0_KO5lfGqhmeA8ELtJ2oPxazl4Doj8LMv6w2snNXGt24RV-OwVY5ogxunOcJUUn9UXQroWhLNCMxWp6QbW0JYcbDtVk7P1P1uNyAjJtIoWy3-IPBhZnU3k4ph84vFgqwDSEmaqHrsiBEyZ9tgpFTNS9bzcuC2eBH_i2L3aiq3NB4TsVPCzoapMo-9efe8MeWpNRs3UCeyWHHWt1sWsuht6RCwvgsfrcik35K6inzTDExPWKEBzv_8fqRCo3vpIEhK2RFp61i_leMcDYl4U-GcfCQq-aTJLXZnJv5-9MhiDDM7qw-tdV5kYgwl6heQu8E4yCuOqOVOaYL_oeQbMQg2zURfPavPL6EQgrPBB-cjAY0zkbEFC9YHLik-hpG9lg7vI084efsVkGnYggPLeMD9qhvsjKd1NGfyzUqO_EkQ&sai=AMfl-YRpTNAe723E6Z7txcWi_qEByuh35M0LOvUP2BUaigO5pIJ6gjbpttL73VlAaY9rTm8zDIj5dOfgRQGyYul7j_xzYSw9dFZyZ_dLBVGo-LKjKa2lALAgDLncdoAQ_K4AxUkTIbb4g28dB1_SXEpq6kx7vVCJ6WyOVVhOLR1_HENl38ub4CkcORBGMPFJqi9-rJrrECv7JvZiJmiuvhNFFG_d3YdO3ktpwSsDT2c_dcksqueVM2dqcooMM7dNwVyE3LWCm9bBmvNxbfGSi_hEUuoakaxZE-joM9XlGcyB4jdnDt0cnD6eTnI4qyKjVwMDsGRDUSNEyvJr6_cogvDjaz7gQdstk-jO1tj6HYwC0Qx7_u2JOd0_3LYF2wVEIO2sgfjAP5NyQQHrl5LoStir2IKgHaymmTOTWDDbATdCukvQzoO3x0f92xcwHm_pBeweYGzxcVty0-tvpRlxL5qH-RdBYsf93nf5zGjv19OUOa-pu6H1m5X5u9wcGulllO6TmnSqxG047cJT&sig=Cg0ArKJSzDzQY0nAMMb_EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ydGwuZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=175&vt=11&dtpt=120&dett=3&cstd=47&cisv=r20240118.94818&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
container.html
48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B57D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://colunadofla.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:16:33 GMT
expires
Tue, 21 Jan 2025 16:16:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 96E1 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNXVg3LYZgPVINqBaRx-AmFvRUIipjNHVUrzjAgu27R2e3xr3YiqnlIsTnIWiaB89sA_jERKYHZDrcbm96KPPIrmSjwikuqj_IwiNUBMVDFfA4iAUlhvSXPUUWrGUGyxn2aF8Bv4KlEAe0O0n4usiP9ocnJipjAvHDq-Q2H5ods59nqB84_jhQte43AMIEblBBZjg1YBvhRIPSudGsMt1ZqSzZeqpg
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:16:34 GMT
expires
Mon, 22 Jan 2024 16:16:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B57D 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 22 Jan 2024 16:16:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B57D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BMro7w0a66YdJUboIK3p_YYHEYo8j1Paw9fr6olEVsuKsGULufbI3lIR-JtSV19VTYc63fhfMukkyo16c8yb2XQ61VN4AFJ26_LllBcHQlEvpyJe8
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame B57D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 09:41:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
23709
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 09:41:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame B57D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:29:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
78437
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:29:17 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B57D 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 16:16:34 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E048 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f6bc8a60f49ac5dddf6fd0c24154365852936219dcdd2d3a8e6ff2212e9fc5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5880
x-xss-protection
0
_img.jpg
s0.2mdn.net/sadbundle/3246924247423529428/ Frame E048 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3246924247423529428/_img.jpg?1698745863931
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60ee486be9faf989f46472517ee3598f7d62842fa1774657d9c97f217ab14b95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3246924247423529428/300x250.html?e=69&leftOffset=0&topOffset=0&c=mDasyO7XEQ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:22:30 GMT
date
Wed, 17 Jan 2024 02:22:30 GMT
x-content-type-options
nosniff
age
482044
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45756
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:08:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
korn.jpg
s0.2mdn.net/sadbundle/3246924247423529428/ Frame E048 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3246924247423529428/korn.jpg?1698745863931
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61bb6a12927ad37b7421b359b93b32d4c6bd48de246ff47b7c56d8b1e1986d76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3246924247423529428/300x250.html?e=69&leftOffset=0&topOffset=0&c=mDasyO7XEQ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 22:42:32 GMT
date
Wed, 17 Jan 2024 22:42:32 GMT
x-content-type-options
nosniff
age
408842
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23000
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:08:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
rum
dsum-sec.casalemedia.com/ Frame 96E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNXVg3LYZgPVINqBaRx-AmFvRUIipjNHVUrzjAgu27R2e3xr3YiqnlIsTnIWiaB89sA_jERKYHZDrcbm96KPPIrmSjwikuqj_IwiNUBMVDFfA4iAUlhvSXPUUWrGUGyxn2aF8Bv4KlEAe0O0n4usiP9ocnJipjAvHDq-Q2H5ods59nqB84_jhQte43AMIEblBBZjg1YBvhRIPSudGsMt1ZqSzZeqpg
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2jQczKndrnYQP6dXu1RnHSiD1xOaAb6kg88qoVScVuBBGjbvr0Bk%2F23MdjG3uWmF4tBLn2Ks3Aqslq9xNNM8M2nQsxP%2BTng09E%2B%2BkkPZpdwxdBuVycY0HKb%2FDzGkeagkyHRciOPslio7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84991a2a7d7d2671-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 96E1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za6U4ZN7oIWYpN0MSEQ1kAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNXVg3LYZgPVINqBaRx-AmFvRUIipjNHVUrzjAgu27R2e3xr3YiqnlIsTnIWiaB89sA_jERKYHZDrcbm96KPPIrmSjwikuqj_IwiNUBMVDFfA4iAUlhvSXPUUWrGUGyxn2aF8Bv4KlEAe0O0n4usiP9ocnJipjAvHDq-Q2H5ods59nqB84_jhQte43AMIEblBBZjg1YBvhRIPSudGsMt1ZqSzZeqpg
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QjHVA81b9%2BgY6%2BDcSc6x5a0ECmJFC4%2Fq5H9lGnISTtQHZc6EpulLQ8gHuVdwxxsBlhwN2hVc9YZsp%2BR%2FiV8rY692xlPz5HDysHA7mcZpWrP1Vb%2BEvGpOkM0vdOZL0pSruiSh2vEfChnwA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84991a2afe672671-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHA69z9e2lnpzbPz_mTH0u0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 96E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIcvZB41U-A7JknQjC4Xb7M&google_cver=1
43 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIcvZB41U-A7JknQjC4Xb7M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNXVg3LYZgPVINqBaRx-AmFvRUIipjNHVUrzjAgu27R2e3xr3YiqnlIsTnIWiaB89sA_jERKYHZDrcbm96KPPIrmSjwikuqj_IwiNUBMVDFfA4iAUlhvSXPUUWrGUGyxn2aF8Bv4KlEAe0O0n4usiP9ocnJipjAvHDq-Q2H5ods59nqB84_jhQte43AMIEblBBZjg1YBvhRIPSudGsMt1ZqSzZeqpg
Protocol
H2
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
an-x-request-uuid
b7ffebbd-167a-4820-a59e-59d09e36cf66
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.215.131; 217.114.215.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIcvZB41U-A7JknQjC4Xb7M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 96E1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2NDE4MTQ3NDcxMjczOTk0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2NDE4MTQ3NDcxMjczOTk0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNXVg3LYZgPVINqBaRx-AmFvRUIipjNHVUrzjAgu27R2e3xr3YiqnlIsTnIWiaB89sA_jERKYHZDrcbm96KPPIrmSjwikuqj_IwiNUBMVDFfA4iAUlhvSXPUUWrGUGyxn2aF8Bv4KlEAe0O0n4usiP9ocnJipjAvHDq-Q2H5ods59nqB84_jhQte43AMIEblBBZjg1YBvhRIPSudGsMt1ZqSzZeqpg
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
an-x-request-uuid
71b9a94b-2946-4dcb-a37e-9a1b4d1a68a5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2NDE4MTQ3NDcxMjczOTk0
x-proxy-origin
217.114.215.131; 217.114.215.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
logo.png
s0.2mdn.net/sadbundle/3246924247423529428/ Frame E048 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3246924247423529428/logo.png?1698745863931
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35000276f83199c7bf1b7cdd6cd4e2e964922951185291bfeb7accc8c83f2408
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3246924247423529428/300x250.html?e=69&leftOffset=0&topOffset=0&c=mDasyO7XEQ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 14:18:09 GMT
date
Wed, 17 Jan 2024 14:18:09 GMT
x-content-type-options
nosniff
age
439105
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27208
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:08:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame B57D 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5180653536184&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B57D 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5180653536184&version=m202309260101&ct=76&x=1&cor=3881728451157259300
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B57D 		110 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BN7IAYopNFwbKSEM1CJvjKbvwaW30JewpL-YjnV2b4qyZf1Pmas76CxUCygVBq4eSov9DW53hw4LW_IUHWuyGXYsuUOBtXbQmtrHx2BMCAxpzSOulzBZ99yvMGkq3SJoW_XydgDcUP8yWdH3wrGBO7PkzfKFE8EywcJKn3tGNqxyl-vC8&dbm_d=AKAmf-D9WGk1zcNVW4cvOGXWDrYq5CZSlAV4nmTm0xDvYLSdjqhUlmhf3caqq93Lv_F2h5AGqfCWp9DaU0gwF9hD-K1Tnuax8-Exa0hxMjF0IHuPzEVOTOQBIwHzj5asAZ05q5yHoTFgxyhCaMN3a3JUwZrgaUX_rkeapg8kb7pbJosBV3e04npKvok1v9VtYlBHsrBO2pQoTEgUXlIdnRZtiarUgC_Z_4yzd3o8xIRZ9X9tbbIlJrRboSlyEP6cxepy8jIMHBDdlYv2t6APWNCHxyTMCi60RbcD3dCvkgny39qo8SAwNdGxmpQWdpg5ELaLN_dtkQLX1q7XMPzNtyAPk8BMs7rJ2bjpY_Jqbj84XSngShkKJ7WH8y4qizOINxJUiijDKRCZSZrPFJuCkDxROUWCA_xE6BteFlZy5patWbPGGx00-DyyotxgT3-frbkDI9ZA1i5SCePAqKmIFKJR1yzFG1Ac1Tz8zav0ivI4TigvKJx5so2GW5uZ1mggrngH68jBuSEIzS85_SqiUW9a77U7E2No7yvo3DkV2M-DeMtqm7o7yUQOl7amljYvESTojuqmU0qrYl71EZDq8MbNoPtMNlL6YYviCFEzy_1lyceyGd1Ha9a-0rsOWwXQxud4H_YJ5KXwhY8n3ElrHAvhVOGqgIS4XkTcTHDhulp1iFFySKEQMMrB6SYMIhuQ41THK3mheJO67NvzhM8BR6Ka_cL7dqmRaqHS1CC4pqnQDDOQXue4ke71lug5mITz5ZJpmpB6q-BR3rLYpnCBZxRazCxypTIJztXmosJa2PHYNClWJDhOybWW_-04fiAkuzaUcIkPBeC64mDOcfHR1JhOBzyNRaFlCfbcmr3MyL5pV3qKYypX7fmICBF3M5U-Ob_CJ47OaZ36xvTFsCmKUoSdaojsx3O5zJ_67c21NBt9RPzEM8lMNOKu_ptltq-el_Pv00zyo-teg9FGGbRGPJrb0MUpBY2FSKM6Op6VZbYJsCH7Mkeei5xnOOOdlgJh5nF3i0NqScBGUwM_KsnhanAjEY7eCwsTCVnyCJu4j8hEIE-tfNyKfI_P0ycoEUPNjf0uktdWEIYtC4jHCq3JcFwG0Yy84LvFYDTyYT_vjJCotuRC73orOaSsKcXSTkM7ytefdio62251bk1TJxtQ1lYZtY-9rG_g9NCM3ZB3CqdQlp2A8VCg72n2pvX8YddnT-avVcU2lr0gZUgL-hgYodA5tcG68vcdKiyAJCC-BIw1Q9mdSjFVHa0wa7z-I6TGQKLnvA6uppXPWxkeoXo_uEmVkMbj3ywjaAxfjoi98th0XCmmFjt4FROVOnLALTml4Y14Kt_9yvTnW7WI3ZTx3RXdnHYcQJO29xAqgoGh-uxVGTIpOO4FwTbaNGgogmNbNjYehhyHIec1O_aGIAzrDrTdvH0zP4USbj9UzmZeWciS0Txd3t6cdkJYiX_VO36NpeTXLVDCMHpeZb1O35dWqUwJfRUfXLaNNx7sZNxFdbSH1jF6h_-vjUKDesGoOD9Kl_KTKdhAhfQ5hjpJz1xNgcIozZRZiSQI6I375IDF83FdB_s28G9uHZqyP36Jzg6WDDdFn-6rRhJ_zI4SjAK9SdqagMRfigmXFPTzaq3DOCVFjktSrWXZVn-bRcymySCYJxlFABNnec7YGBI7DpftAQno4b7A2JP96Hvtv9CAYcsL10N9cTWGvY7btVwhMJnTsutPsqLiTw5fNfBNN0nXzl67k-RlFWiQxdmH02-FuVyRk77-YBCwSklBkNTrLoh-KNrfq6Y-eGix6c2Uh-4SUiJ_iOhqmH3WJFvyTrC9o3MjJa74LN6Srhf2TdHPOfXcbS2Rn5Pf4E_CyJd7iGq7sWXnQfUJ8hlKHThtWtaHhu9iPZiCi7rTG-Z24m2ddo0R6djTbNCbrVpFIpF5lKgrzF2Y8uFqaO7KQZqj2gKHMgtHPj1LBbZj06afw6m4EkeG1jK35YudAsGliIX1aCzw5DhzBEBZvXkn1fSLogmAqyX8_Z3jpXiwsiD4Aot4YVbPk_15UUQH4xnKJ4SXserw64KjIs5ai1Za28veQQrrFnmKs8nz1j7twjsiCbnsZ1_SqFHsBroCM09yRGplp_NrN1iiX0MlUI8fVihqWRSqnmivwnkVBWFDeKRhZNWhHIXWu_UOcDnbAvilSurO2OuRZx16Tgi1XK-tYV4g57uMGY3-H3IAMcHsAVHPYxnh5XtLNDtOp2osh2JEns8PxBxmvA_qhf46klDzS_VIlD3lvunL6vS9Gr9TQFLD5drVkdMiIoDkG5BDS0yHIhVnUEkvcS_406YVIb0sXFcgniDikWd1b1saM9Qh1r32_m1CUpSOrLnfcYS7EtbEKEvdlOBnDRlIMCS5t0QEqAoC_X_9xtAM8D54R3uLCMgCUHQt8dthuKFHuj023i23ZtIhJ-aJ-zxafTPerdwY-8GKd_4ysN63tsIk-0b2sRS73MbK7yMxxKQNbd_dwU4jV6npHWwheY3TevPy67MwE9rRNBnGu4YqmU9cDbK-_b7yxqK5819N2xYeaWrsDW7UDxO6ffXJTF7kQblcRHPI-juSajEUlu_ccEF1puzu4W2jBuCNxA_VijPsXUoAs9kTb869WXhbNkak915q_wZs8lNubxOdE6X9Zk3KL8JYYPQeBKgCpZ2q1oDXUujZfj9RB1a1gD5kqtfHFp1Y6jSvs1yeARxP38V8RsTouhMYOEJfww2sQIN-5CzmoIfmWLdfHV2wOE7FpvPsGxCReGcgsReSpFANlF9CkVxjNnAb4Dzy_mSUomKD3-bJY54XCqopbPOLamT8v__rUvBRxXr4UGElhG028cR7tU67wbptV7jAkhycDKXNgkZqMlNtyi6acLUgkZUXfNkZWTx-9b8dWAdYQwVTjoXqMPay5vhQh3TDdQOjGPio7a6RRkfLkLl0wXFKj4e8VXHXGyTEuMdibQAw0xTCjzFI2Q_Jg0EoH65x7TFvH1hsVe7sBhI820EhIcgtptbJocu98MuKVKpIV3PlKxkzK-qASJm6Uo-0QB7HSdJEWAlaQ-XLnL0AWjpNMkniaq-vLhSciX9TzHLMv8KQqWM2mg1oqjghP_Zr5cvSCTsx0YqOvZiqRlj4mQIGpQwYeuoH8IHbjdXX-jH-iP6Qk6kcOjoEejdeVyTksLfm1NTbWH-0sSN_ChyxaRow0D7YMKCQ68VWpOu4hkyuB_bvanLSV6lbnvtg65X2t91NKi1PIjKrb_V56dslWzRp7ch3a3fI1NfVFNttfmo8kFlp8o_dLyuVzcS_pL3Xk9Ccmqkq-idp8Hj3JWOMv2DYNlMOmNjQ3aYDOkaH2PVnpwRJUzADcIKbMiIAyqFZgMOuLO3TnuJNnaIGZHN2EJpvAkGDq7Yn_NDSVTxW8imfL_KsnQcrJTPD2-lBnITE6HHnLy8Pxo05XkCaUR0rvzXd-WMib5pFhQXE6aazHvCxWhvaKGIda8xbb4lO_J_G1sRywciBGzL3wJ_658sWEoxafxwTxQ0eE4O-bh8PHSeiVm9pn7mMxMX6giKGYkK2DN3bBRxJjqHmZQ943pIbbpKiAhJEnfuTCY2UD09lG0zBnuXrX0eWoC3bcr4FIeBTB4Dru__6hHsgJSFXwHpXK5CywyUO_Cd_pVU0GRtkNnyRtx0gGkOATYwxuHZt3rpDLh1YFyCcPYX2OZykh79U-tADbp4GlAwRTMHWJ4SnuYNmj4MAYoQcaqAUBuSppmdXv2BJzyxmVNOfWnqjmxR5PbIUwE31JApu8slbysPk_mf6KK9J46p5PxQF7zOHiUVYUofxv9TYxI4weIWTCku_IBmmsom2qi8vu8_Bxu8K8KphSeW22-LlZfWLxV4Lpx_uu4A&cid=CAQSTgAvHhf_F10R54y21wfYu6RZfrDdnIUkkxXM8rtQhBhHjsL3o8bzwpBcu4DoLwQiAYlac50OxFiVwJs5rTFIMqKokKo99aQ76rNkXrI54hgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcolunadofla.com%2F&ds=l&xdt=1&iif=1&cor=3881728451157259300&adk=943508964&idt=83&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c697f8b1f82783e81c52b3c29d4b99d4d0f2c041a7671f7a44b2451d260e9999
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42612
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
plus.png
s0.2mdn.net/sadbundle/3246924247423529428/ Frame E048 		137 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3246924247423529428/plus.png?1698745863931
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f83d57c4d06966676c266a3195b7ff0e8561ab8f2f61383951cdb22f4adbad9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3246924247423529428/300x250.html?e=69&leftOffset=0&topOffset=0&c=mDasyO7XEQ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 20 Jan 2025 00:49:20 GMT
date
Sun, 21 Jan 2024 00:49:20 GMT
x-content-type-options
nosniff
age
142034
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:08:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
activeview
pagead2.googlesyndication.com/pcs/ Frame 4C61 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsss8USeZCNQiFuyFcsodP1Ffkl_jFduOsF0BzVhZpuO2mJGltI_lySaBwhkco5irpRhQyEtBZQPQntIIo7IFs2FXJRSQ84vctD_jNmONGP9sgv-ietdLddp-adDq5_Ae14V24EprOkpK-uZUZxFBDQj-0oY&sai=AMfl-YSll7JFeVx6MX-CBmRxBKGpN4TDLhkd838RbFboyNDxV_rLoDtqNQ-nBnvHHY0UBMYiy9WHYMBs_SBERNOVSO36rmEwX4AzK5DG-tNs_AmmhoJb9v5KSC-alJHwEyMgwlp74HfBzM7RpwCVMnKF&sig=Cg0ArKJSzA631yQlxmeZEAE&cid=CAQSTgAvHhf_knF-Jcx0z0_s3gdsb1oJWFcGEhWWzz7w2IR7jHP-Q1Tz4ADIF-rWHc7V-ij45onVcSZ6y8P5ixP_XC2UarrqINE6MGnsrpAb8RgB&id=lidar2&mcvt=1003&p=195,1005,245,1325&mtos=0,1003,1003,1003,1003&tos=0,1003,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=4268202871&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705940193743&rpt=199&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E048 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Jan 2024 16:16:34 GMT
dt
dt.adsafeprotected.com/ Frame E7D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=e6e6cb43-d112-5d96-5a03-45b5fbae2e9d&tv=%7Bc:230053,pingTime:-10,time:407,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1705940194985%7C%7C7cac4aebe1e9134074d5d149684dafff%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C0b480eee79b487c575ed2a74d7da8504%7C%7Cf4cdcd9069ea861df1e3cf4f029554b6%7C%7C153719d1b3935e26d7bb3a1c11de9e6f%7C%7Cf983d3b6a2d84ca9e6797bff05e5ae15%7C%7C5e8f8af22261d4362678b01414798b10%7C%7C1663701684,im:%7Bpci:%7Btdr:358%7D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
server
nginx
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame ADC0 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 10:08:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
22083
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 10:08:32 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1350098/69352127/ Frame B57D 		270 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1350098/69352127/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015282671&ias_pubId=pub-8170966538152543&ias_chanId=1&ias_placementId=20884453817&bidurl=https://colunadofla.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h2Fxzks1FKGQ6QNc8lo01K
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.100.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-100-143.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f6772ebadab521c4f3abbb5c9741024a00ad6682892b9e8e125844e85ee9507a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame B57D 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 21:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 Jan 2024 21:44:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame B57D 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BN7IAYopNFwbKSEM1CJvjKbvwaW30JewpL-YjnV2b4qyZf1Pmas76CxUCygVBq4eSov9DW53hw4LW_IUHWuyGXYsuUOBtXbQmtrHx2BMCAxpzSOulzBZ99yvMGkq3SJoW_XydgDcUP8yWdH3wrGBO7PkzfKFE8EywcJKn3tGNqxyl-vC8&dbm_d=AKAmf-D9WGk1zcNVW4cvOGXWDrYq5CZSlAV4nmTm0xDvYLSdjqhUlmhf3caqq93Lv_F2h5AGqfCWp9DaU0gwF9hD-K1Tnuax8-Exa0hxMjF0IHuPzEVOTOQBIwHzj5asAZ05q5yHoTFgxyhCaMN3a3JUwZrgaUX_rkeapg8kb7pbJosBV3e04npKvok1v9VtYlBHsrBO2pQoTEgUXlIdnRZtiarUgC_Z_4yzd3o8xIRZ9X9tbbIlJrRboSlyEP6cxepy8jIMHBDdlYv2t6APWNCHxyTMCi60RbcD3dCvkgny39qo8SAwNdGxmpQWdpg5ELaLN_dtkQLX1q7XMPzNtyAPk8BMs7rJ2bjpY_Jqbj84XSngShkKJ7WH8y4qizOINxJUiijDKRCZSZrPFJuCkDxROUWCA_xE6BteFlZy5patWbPGGx00-DyyotxgT3-frbkDI9ZA1i5SCePAqKmIFKJR1yzFG1Ac1Tz8zav0ivI4TigvKJx5so2GW5uZ1mggrngH68jBuSEIzS85_SqiUW9a77U7E2No7yvo3DkV2M-DeMtqm7o7yUQOl7amljYvESTojuqmU0qrYl71EZDq8MbNoPtMNlL6YYviCFEzy_1lyceyGd1Ha9a-0rsOWwXQxud4H_YJ5KXwhY8n3ElrHAvhVOGqgIS4XkTcTHDhulp1iFFySKEQMMrB6SYMIhuQ41THK3mheJO67NvzhM8BR6Ka_cL7dqmRaqHS1CC4pqnQDDOQXue4ke71lug5mITz5ZJpmpB6q-BR3rLYpnCBZxRazCxypTIJztXmosJa2PHYNClWJDhOybWW_-04fiAkuzaUcIkPBeC64mDOcfHR1JhOBzyNRaFlCfbcmr3MyL5pV3qKYypX7fmICBF3M5U-Ob_CJ47OaZ36xvTFsCmKUoSdaojsx3O5zJ_67c21NBt9RPzEM8lMNOKu_ptltq-el_Pv00zyo-teg9FGGbRGPJrb0MUpBY2FSKM6Op6VZbYJsCH7Mkeei5xnOOOdlgJh5nF3i0NqScBGUwM_KsnhanAjEY7eCwsTCVnyCJu4j8hEIE-tfNyKfI_P0ycoEUPNjf0uktdWEIYtC4jHCq3JcFwG0Yy84LvFYDTyYT_vjJCotuRC73orOaSsKcXSTkM7ytefdio62251bk1TJxtQ1lYZtY-9rG_g9NCM3ZB3CqdQlp2A8VCg72n2pvX8YddnT-avVcU2lr0gZUgL-hgYodA5tcG68vcdKiyAJCC-BIw1Q9mdSjFVHa0wa7z-I6TGQKLnvA6uppXPWxkeoXo_uEmVkMbj3ywjaAxfjoi98th0XCmmFjt4FROVOnLALTml4Y14Kt_9yvTnW7WI3ZTx3RXdnHYcQJO29xAqgoGh-uxVGTIpOO4FwTbaNGgogmNbNjYehhyHIec1O_aGIAzrDrTdvH0zP4USbj9UzmZeWciS0Txd3t6cdkJYiX_VO36NpeTXLVDCMHpeZb1O35dWqUwJfRUfXLaNNx7sZNxFdbSH1jF6h_-vjUKDesGoOD9Kl_KTKdhAhfQ5hjpJz1xNgcIozZRZiSQI6I375IDF83FdB_s28G9uHZqyP36Jzg6WDDdFn-6rRhJ_zI4SjAK9SdqagMRfigmXFPTzaq3DOCVFjktSrWXZVn-bRcymySCYJxlFABNnec7YGBI7DpftAQno4b7A2JP96Hvtv9CAYcsL10N9cTWGvY7btVwhMJnTsutPsqLiTw5fNfBNN0nXzl67k-RlFWiQxdmH02-FuVyRk77-YBCwSklBkNTrLoh-KNrfq6Y-eGix6c2Uh-4SUiJ_iOhqmH3WJFvyTrC9o3MjJa74LN6Srhf2TdHPOfXcbS2Rn5Pf4E_CyJd7iGq7sWXnQfUJ8hlKHThtWtaHhu9iPZiCi7rTG-Z24m2ddo0R6djTbNCbrVpFIpF5lKgrzF2Y8uFqaO7KQZqj2gKHMgtHPj1LBbZj06afw6m4EkeG1jK35YudAsGliIX1aCzw5DhzBEBZvXkn1fSLogmAqyX8_Z3jpXiwsiD4Aot4YVbPk_15UUQH4xnKJ4SXserw64KjIs5ai1Za28veQQrrFnmKs8nz1j7twjsiCbnsZ1_SqFHsBroCM09yRGplp_NrN1iiX0MlUI8fVihqWRSqnmivwnkVBWFDeKRhZNWhHIXWu_UOcDnbAvilSurO2OuRZx16Tgi1XK-tYV4g57uMGY3-H3IAMcHsAVHPYxnh5XtLNDtOp2osh2JEns8PxBxmvA_qhf46klDzS_VIlD3lvunL6vS9Gr9TQFLD5drVkdMiIoDkG5BDS0yHIhVnUEkvcS_406YVIb0sXFcgniDikWd1b1saM9Qh1r32_m1CUpSOrLnfcYS7EtbEKEvdlOBnDRlIMCS5t0QEqAoC_X_9xtAM8D54R3uLCMgCUHQt8dthuKFHuj023i23ZtIhJ-aJ-zxafTPerdwY-8GKd_4ysN63tsIk-0b2sRS73MbK7yMxxKQNbd_dwU4jV6npHWwheY3TevPy67MwE9rRNBnGu4YqmU9cDbK-_b7yxqK5819N2xYeaWrsDW7UDxO6ffXJTF7kQblcRHPI-juSajEUlu_ccEF1puzu4W2jBuCNxA_VijPsXUoAs9kTb869WXhbNkak915q_wZs8lNubxOdE6X9Zk3KL8JYYPQeBKgCpZ2q1oDXUujZfj9RB1a1gD5kqtfHFp1Y6jSvs1yeARxP38V8RsTouhMYOEJfww2sQIN-5CzmoIfmWLdfHV2wOE7FpvPsGxCReGcgsReSpFANlF9CkVxjNnAb4Dzy_mSUomKD3-bJY54XCqopbPOLamT8v__rUvBRxXr4UGElhG028cR7tU67wbptV7jAkhycDKXNgkZqMlNtyi6acLUgkZUXfNkZWTx-9b8dWAdYQwVTjoXqMPay5vhQh3TDdQOjGPio7a6RRkfLkLl0wXFKj4e8VXHXGyTEuMdibQAw0xTCjzFI2Q_Jg0EoH65x7TFvH1hsVe7sBhI820EhIcgtptbJocu98MuKVKpIV3PlKxkzK-qASJm6Uo-0QB7HSdJEWAlaQ-XLnL0AWjpNMkniaq-vLhSciX9TzHLMv8KQqWM2mg1oqjghP_Zr5cvSCTsx0YqOvZiqRlj4mQIGpQwYeuoH8IHbjdXX-jH-iP6Qk6kcOjoEejdeVyTksLfm1NTbWH-0sSN_ChyxaRow0D7YMKCQ68VWpOu4hkyuB_bvanLSV6lbnvtg65X2t91NKi1PIjKrb_V56dslWzRp7ch3a3fI1NfVFNttfmo8kFlp8o_dLyuVzcS_pL3Xk9Ccmqkq-idp8Hj3JWOMv2DYNlMOmNjQ3aYDOkaH2PVnpwRJUzADcIKbMiIAyqFZgMOuLO3TnuJNnaIGZHN2EJpvAkGDq7Yn_NDSVTxW8imfL_KsnQcrJTPD2-lBnITE6HHnLy8Pxo05XkCaUR0rvzXd-WMib5pFhQXE6aazHvCxWhvaKGIda8xbb4lO_J_G1sRywciBGzL3wJ_658sWEoxafxwTxQ0eE4O-bh8PHSeiVm9pn7mMxMX6giKGYkK2DN3bBRxJjqHmZQ943pIbbpKiAhJEnfuTCY2UD09lG0zBnuXrX0eWoC3bcr4FIeBTB4Dru__6hHsgJSFXwHpXK5CywyUO_Cd_pVU0GRtkNnyRtx0gGkOATYwxuHZt3rpDLh1YFyCcPYX2OZykh79U-tADbp4GlAwRTMHWJ4SnuYNmj4MAYoQcaqAUBuSppmdXv2BJzyxmVNOfWnqjmxR5PbIUwE31JApu8slbysPk_mf6KK9J46p5PxQF7zOHiUVYUofxv9TYxI4weIWTCku_IBmmsom2qi8vu8_Bxu8K8KphSeW22-LlZfWLxV4Lpx_uu4A&cid=CAQSTgAvHhf_F10R54y21wfYu6RZfrDdnIUkkxXM8rtQhBhHjsL3o8bzwpBcu4DoLwQiAYlac50OxFiVwJs5rTFIMqKokKo99aQ76rNkXrI54hgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcolunadofla.com%2F&ds=l&xdt=1&iif=1&cor=3881728451157259300&adk=943508964&idt=83&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
78386
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:30:09 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame B57D 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BN7IAYopNFwbKSEM1CJvjKbvwaW30JewpL-YjnV2b4qyZf1Pmas76CxUCygVBq4eSov9DW53hw4LW_IUHWuyGXYsuUOBtXbQmtrHx2BMCAxpzSOulzBZ99yvMGkq3SJoW_XydgDcUP8yWdH3wrGBO7PkzfKFE8EywcJKn3tGNqxyl-vC8&dbm_d=AKAmf-D9WGk1zcNVW4cvOGXWDrYq5CZSlAV4nmTm0xDvYLSdjqhUlmhf3caqq93Lv_F2h5AGqfCWp9DaU0gwF9hD-K1Tnuax8-Exa0hxMjF0IHuPzEVOTOQBIwHzj5asAZ05q5yHoTFgxyhCaMN3a3JUwZrgaUX_rkeapg8kb7pbJosBV3e04npKvok1v9VtYlBHsrBO2pQoTEgUXlIdnRZtiarUgC_Z_4yzd3o8xIRZ9X9tbbIlJrRboSlyEP6cxepy8jIMHBDdlYv2t6APWNCHxyTMCi60RbcD3dCvkgny39qo8SAwNdGxmpQWdpg5ELaLN_dtkQLX1q7XMPzNtyAPk8BMs7rJ2bjpY_Jqbj84XSngShkKJ7WH8y4qizOINxJUiijDKRCZSZrPFJuCkDxROUWCA_xE6BteFlZy5patWbPGGx00-DyyotxgT3-frbkDI9ZA1i5SCePAqKmIFKJR1yzFG1Ac1Tz8zav0ivI4TigvKJx5so2GW5uZ1mggrngH68jBuSEIzS85_SqiUW9a77U7E2No7yvo3DkV2M-DeMtqm7o7yUQOl7amljYvESTojuqmU0qrYl71EZDq8MbNoPtMNlL6YYviCFEzy_1lyceyGd1Ha9a-0rsOWwXQxud4H_YJ5KXwhY8n3ElrHAvhVOGqgIS4XkTcTHDhulp1iFFySKEQMMrB6SYMIhuQ41THK3mheJO67NvzhM8BR6Ka_cL7dqmRaqHS1CC4pqnQDDOQXue4ke71lug5mITz5ZJpmpB6q-BR3rLYpnCBZxRazCxypTIJztXmosJa2PHYNClWJDhOybWW_-04fiAkuzaUcIkPBeC64mDOcfHR1JhOBzyNRaFlCfbcmr3MyL5pV3qKYypX7fmICBF3M5U-Ob_CJ47OaZ36xvTFsCmKUoSdaojsx3O5zJ_67c21NBt9RPzEM8lMNOKu_ptltq-el_Pv00zyo-teg9FGGbRGPJrb0MUpBY2FSKM6Op6VZbYJsCH7Mkeei5xnOOOdlgJh5nF3i0NqScBGUwM_KsnhanAjEY7eCwsTCVnyCJu4j8hEIE-tfNyKfI_P0ycoEUPNjf0uktdWEIYtC4jHCq3JcFwG0Yy84LvFYDTyYT_vjJCotuRC73orOaSsKcXSTkM7ytefdio62251bk1TJxtQ1lYZtY-9rG_g9NCM3ZB3CqdQlp2A8VCg72n2pvX8YddnT-avVcU2lr0gZUgL-hgYodA5tcG68vcdKiyAJCC-BIw1Q9mdSjFVHa0wa7z-I6TGQKLnvA6uppXPWxkeoXo_uEmVkMbj3ywjaAxfjoi98th0XCmmFjt4FROVOnLALTml4Y14Kt_9yvTnW7WI3ZTx3RXdnHYcQJO29xAqgoGh-uxVGTIpOO4FwTbaNGgogmNbNjYehhyHIec1O_aGIAzrDrTdvH0zP4USbj9UzmZeWciS0Txd3t6cdkJYiX_VO36NpeTXLVDCMHpeZb1O35dWqUwJfRUfXLaNNx7sZNxFdbSH1jF6h_-vjUKDesGoOD9Kl_KTKdhAhfQ5hjpJz1xNgcIozZRZiSQI6I375IDF83FdB_s28G9uHZqyP36Jzg6WDDdFn-6rRhJ_zI4SjAK9SdqagMRfigmXFPTzaq3DOCVFjktSrWXZVn-bRcymySCYJxlFABNnec7YGBI7DpftAQno4b7A2JP96Hvtv9CAYcsL10N9cTWGvY7btVwhMJnTsutPsqLiTw5fNfBNN0nXzl67k-RlFWiQxdmH02-FuVyRk77-YBCwSklBkNTrLoh-KNrfq6Y-eGix6c2Uh-4SUiJ_iOhqmH3WJFvyTrC9o3MjJa74LN6Srhf2TdHPOfXcbS2Rn5Pf4E_CyJd7iGq7sWXnQfUJ8hlKHThtWtaHhu9iPZiCi7rTG-Z24m2ddo0R6djTbNCbrVpFIpF5lKgrzF2Y8uFqaO7KQZqj2gKHMgtHPj1LBbZj06afw6m4EkeG1jK35YudAsGliIX1aCzw5DhzBEBZvXkn1fSLogmAqyX8_Z3jpXiwsiD4Aot4YVbPk_15UUQH4xnKJ4SXserw64KjIs5ai1Za28veQQrrFnmKs8nz1j7twjsiCbnsZ1_SqFHsBroCM09yRGplp_NrN1iiX0MlUI8fVihqWRSqnmivwnkVBWFDeKRhZNWhHIXWu_UOcDnbAvilSurO2OuRZx16Tgi1XK-tYV4g57uMGY3-H3IAMcHsAVHPYxnh5XtLNDtOp2osh2JEns8PxBxmvA_qhf46klDzS_VIlD3lvunL6vS9Gr9TQFLD5drVkdMiIoDkG5BDS0yHIhVnUEkvcS_406YVIb0sXFcgniDikWd1b1saM9Qh1r32_m1CUpSOrLnfcYS7EtbEKEvdlOBnDRlIMCS5t0QEqAoC_X_9xtAM8D54R3uLCMgCUHQt8dthuKFHuj023i23ZtIhJ-aJ-zxafTPerdwY-8GKd_4ysN63tsIk-0b2sRS73MbK7yMxxKQNbd_dwU4jV6npHWwheY3TevPy67MwE9rRNBnGu4YqmU9cDbK-_b7yxqK5819N2xYeaWrsDW7UDxO6ffXJTF7kQblcRHPI-juSajEUlu_ccEF1puzu4W2jBuCNxA_VijPsXUoAs9kTb869WXhbNkak915q_wZs8lNubxOdE6X9Zk3KL8JYYPQeBKgCpZ2q1oDXUujZfj9RB1a1gD5kqtfHFp1Y6jSvs1yeARxP38V8RsTouhMYOEJfww2sQIN-5CzmoIfmWLdfHV2wOE7FpvPsGxCReGcgsReSpFANlF9CkVxjNnAb4Dzy_mSUomKD3-bJY54XCqopbPOLamT8v__rUvBRxXr4UGElhG028cR7tU67wbptV7jAkhycDKXNgkZqMlNtyi6acLUgkZUXfNkZWTx-9b8dWAdYQwVTjoXqMPay5vhQh3TDdQOjGPio7a6RRkfLkLl0wXFKj4e8VXHXGyTEuMdibQAw0xTCjzFI2Q_Jg0EoH65x7TFvH1hsVe7sBhI820EhIcgtptbJocu98MuKVKpIV3PlKxkzK-qASJm6Uo-0QB7HSdJEWAlaQ-XLnL0AWjpNMkniaq-vLhSciX9TzHLMv8KQqWM2mg1oqjghP_Zr5cvSCTsx0YqOvZiqRlj4mQIGpQwYeuoH8IHbjdXX-jH-iP6Qk6kcOjoEejdeVyTksLfm1NTbWH-0sSN_ChyxaRow0D7YMKCQ68VWpOu4hkyuB_bvanLSV6lbnvtg65X2t91NKi1PIjKrb_V56dslWzRp7ch3a3fI1NfVFNttfmo8kFlp8o_dLyuVzcS_pL3Xk9Ccmqkq-idp8Hj3JWOMv2DYNlMOmNjQ3aYDOkaH2PVnpwRJUzADcIKbMiIAyqFZgMOuLO3TnuJNnaIGZHN2EJpvAkGDq7Yn_NDSVTxW8imfL_KsnQcrJTPD2-lBnITE6HHnLy8Pxo05XkCaUR0rvzXd-WMib5pFhQXE6aazHvCxWhvaKGIda8xbb4lO_J_G1sRywciBGzL3wJ_658sWEoxafxwTxQ0eE4O-bh8PHSeiVm9pn7mMxMX6giKGYkK2DN3bBRxJjqHmZQ943pIbbpKiAhJEnfuTCY2UD09lG0zBnuXrX0eWoC3bcr4FIeBTB4Dru__6hHsgJSFXwHpXK5CywyUO_Cd_pVU0GRtkNnyRtx0gGkOATYwxuHZt3rpDLh1YFyCcPYX2OZykh79U-tADbp4GlAwRTMHWJ4SnuYNmj4MAYoQcaqAUBuSppmdXv2BJzyxmVNOfWnqjmxR5PbIUwE31JApu8slbysPk_mf6KK9J46p5PxQF7zOHiUVYUofxv9TYxI4weIWTCku_IBmmsom2qi8vu8_Bxu8K8KphSeW22-LlZfWLxV4Lpx_uu4A&cid=CAQSTgAvHhf_F10R54y21wfYu6RZfrDdnIUkkxXM8rtQhBhHjsL3o8bzwpBcu4DoLwQiAYlac50OxFiVwJs5rTFIMqKokKo99aQ76rNkXrI54hgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcolunadofla.com%2F&ds=l&xdt=1&iif=1&cor=3881728451157259300&adk=943508964&idt=83&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
78386
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:30:09 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame B57D 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 17:14:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
428507
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 17:14:48 GMT
truncated
/ Frame B57D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9cf86c10974e62704e743362cf42dee66e4fb00250f8661322ea0d9ee3ebf9c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/14153027799838875023/300%20x%20250_NEW/_export/ Frame B009 		97 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14153027799838875023/300%20x%20250_NEW/_export/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ac1966d4413f7cec47f7c3be288014ee9cf2b50d24ca55c530a718a0dad2cd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
453090
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
21436
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 10:25:05 GMT
expires
Thu, 16 Jan 2025 10:25:05 GMT
last-modified
Thu, 20 Apr 2023 13:17:10 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B57D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssdtRczl4tbqt4-k8GmuclyiARLCV78GaGPfzEOgfQIn_Heq-qsHRoX9ScdOV1XawZGPX4AYIo38Y2WohhJpaA3EndXU-ui1un6VCF-1aHfrg8VU3Q_egQgIKzA9FeSXQ1hNLqhag3MzZ83uLvHwVjUHZQMw8ZkNz5LQGEhKDQrnyiZZ3gKTp6zBJlQEbmpT4oBQuFY4di-UB0QGdtHFynHAgXKxkzKtPOerC3SlC6LKdMmykMx8DVsmHpxTPjyUfHz4LUfBkvN0A8ELU-fTNEfAhctSkDhQdDkW4K_q3STDuYzTpN2cQBu8t-RurxFR171z5RArPfqkFTvCOv5QGw4ElItzw_NBFvIBzU4xO4dJcXnE6xvbCa6alNzI5uJf0C-hf1-GZT5XSs3DZ4uGtGZTqdJX8OqYIAO2B6n4s3KVzqSAfMiG8FXhSjpnViht5292ZAcjRyzCQlhOst0jldSVxdHWJ_qtPAqsAcLwavzdH5ypeP68iVPG2F4NOATD5awxiANKOEFHD-NepKApXD2NauqndvRPtDp5oYiJXyG4asfCo345ZR0g_dsfp1u6h0gaQ0DvxFOVV6zc68axFSBE7oLNyT_yH2uv49Jw7x-fWSTGRrgdIhtblCxxZ-gCdrZ_CoGsuyUymH1pLhM0BqsCilPVIW1U1A1b-wFyf2xbQupo9sTIQ3aN18fkP6Y03zVY3c90jXLUnrSTpP9ZzgJ2KXnVqhEd04AiBWahaTwNsxaos5roXWCVR1SQbdQonmAeH4FP03agIGSOWC5fwrTlGsY1HgrTzH94gfjxbbkf3joOOHO9GsXEZbBUTk_8G_2k3RN8QLTBYryez0ofeKuqEt7Hz7KT6ee0DHUPYVZjFOsSmyoLrp7AXi2XjrdWPYwAnlStvmA7k7nlwFKhCPlSv1GkYpMGfWiTQEDx_Sz1klNubhOrUnN15n6z59xHBC7rqgrDwiO23iCZF1WAWTRzH5qjjR4qwLttstgHhleAqAuwi-3SIdR3cW3xRTF7a_9mUPMHxg5n3VAxAry5izqFPz30jm-cvZeVGoTRDkF-YSNRBVFEQW7UVUPBHUqOONLJPDsKyd0LBjgqS1TByiwYlD-d56q6WunEn_vpukLwJPcFsn66iMsx4pJCnXGwuH32uCxLDaC3YCgX6x183rT44z5MWt-cYc9JlBL9Gmq3w_GwH2MFFfF8TXsL1BukC3oCa_Ja_AMzZyPc0DzKE32NKwoaLwU0zyPLenqa-8CgQ0ryFu7FyxUaBCx6MeSMjL6XhyblnSHBul6hIW3w47qYNSVQxTYd3C0B-wUBDa0_yHwviqqhBmKkpRSyMOpfciM3f6JZ0Rg0FoYGRLRFUb_2zt1kDeppcMUJnMpYwPs02eZK_ZuENXngnnhqbRBz2njb2gol5Cpqdk1Yy5N4taoLv6b8hM7&sai=AMfl-YQ3FgzOmqTkBoevMdfWGxtbfWMdKMRqajdDSxanYApjwe0_S1elpWGN2OYlGQ2Ma-7kMlGdTfsbzLeizsgFrxbLY-nTQ4DwjxYtvlMF15S5N-RNdpMroL-qkfUo_gfMP7CkqQPiJj-KjmW6nxWn_ziI-U8qWE_W13fhDfH60BOiSc7ejVdO_tYpZ4hXfKdyLa1jM7-Wuf5AJErOEL24IDVhn7HZy3G1PaQaaLwehU2l8d2_mc__SKdQlW-wTvAUZpnK-b7ejnnW9kdrpE1EqwHOa3S1tv76daC5VKpRQ2MIptzDc12RTzNk6_Yyi2U&sig=Cg0ArKJSzJMk34l5gyZJEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=47&cbvp=1&cstd=47&cisv=r20240118.38386&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 Jan 2024 16:16:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
93656
tags.bluekai.com/site/ Frame B57D 		62 B
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/93656?limit=0&phint=event%3Dimp&phint=aid%3D6531095&phint=cid%3D29364893&phint=crid%3D190458184&phint=pid%3D359274924
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-169-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 22 Jan 2024 16:16:35 GMT
content-length
62
bk-server
b514
content-type
image/gif
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 97E6 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
428507
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 17:14:48 GMT
expires
Thu, 16 Jan 2025 17:14:48 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.613.0_en.html
imasdk.googleapis.com/js/core/ Frame 2A88 		753 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0fe83d875faf394978cd04227fb30838db2f4a9bd67e6862e6845c6eee1a09e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://colunadofla.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
481625
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246576
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 02:29:30 GMT
expires
Thu, 16 Jan 2025 02:29:30 GMT
last-modified
Mon, 15 Jan 2024 20:36:05 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 Jan 2024 16:16:35 GMT
volume_off.png
www.gstatic.com/dfp/native/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/dfp/native/volume_off.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:25:20 GMT
x-content-type-options
nosniff
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
server
sffe
age
481875
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2684
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 16 Jan 2025 02:25:20 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 630B 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:02:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
874
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 22 Jan 2024 17:02:01 GMT
4.js
static.adsafeprotected.com/ Frame B57D
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1350098/69352127/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015282671&ias_pubId=pub-8170966538152543&ias_chanId=1&ias_placementId=20884453817&bidurl=ht...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_4pSuZdHiOprKx_AP08ScmAg&cbFunctionName=goog_wrapCb_4pSuZdHiOprKx_AP08ScmAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_4pSuZdHiOprKx_AP08ScmAg&cbFunctionName=goog_wrapCb_4pSuZdHiOprKx_AP08ScmAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:2450:e000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
chJzWGuhkrqyagXtH_ztVZhv7KoeCC.y
content-encoding
gzip
via
1.1 9f4aebedb96f04eed26848dbf2d55694.cloudfront.net (CloudFront)
date
Thu, 18 Jan 2024 21:47:27 GMT
x-amz-cf-pop
CDG50-P4
age
325749
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Thu, 11 Jan 2024 21:47:25 GMT
server
AmazonS3
etag
W/"eb639ea9c60fa52fae8bd853911ab0a9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
sAZXNsOWMcywbuYgqYq94D9qhr6PCGGw8tQJcE12fy3N9_Q-I67j1Q==

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
server
nginx
x-server-name
app09.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_4pSuZdHiOprKx_AP08ScmAg&cbFunctionName=goog_wrapCb_4pSuZdHiOprKx_AP08ScmAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame DAF3 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:e000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 10:50:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 9f4aebedb96f04eed26848dbf2d55694.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
2265979
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
OgN3UMFgAkUCyMlKiQZK2tys7dJE2WuQPNm7H2l-FmhNZsIxM8T65A==
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame B009 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14153027799838875023/300%20x%20250_NEW/_export/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14153027799838875023/300%20x%20250_NEW/_export/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 20:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71026
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 Jan 2024 20:32:49 GMT
dt
dt.adsafeprotected.com/ Frame B57D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=25b9d9e9-1d95-accb-ba98-1e1a95dac902&tv=%7Bc:23008h,pingTime:-3,time:72,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:72,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B69~0%5D,as:%5B69~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u26PcNj+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1a311%7C1b*.1350098-69352127%7C1b1%7C1b2%7C1b3%7C1c%7C1d,idMap:1b*,rmeas:1,rend:0,renddet:DIV,siq:18%7D&br=c
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
server
nginx
x-server-name
dt26.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B57D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=25b9d9e9-1d95-accb-ba98-1e1a95dac902&tv=%7Bc:23008i,pingTime:-6,time:73,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:73,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B69~0%5D,as:%5B69~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u26PcNj+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1a311%7C1b*.1350098-69352127%7C1b1%7C1b2%7C1b3%7C1c%7C1d,idMap:1b*,rmeas:1,rend:0,renddet:DIV,siq:18%7D&tpiLookup=ao:colunadofla.com*&br=c
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
server
nginx
x-server-name
dt27.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
11822513
api.attentionxyz.com/api/event/ Frame 4C61 		2 B
17 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.attentionxyz.com/api/event/11822513
Requested by
Host: attentionxyz.com
URL: https://attentionxyz.com/160-3c6e1570/amt.js?tagLabel=Dept_Agency_cm360&attrAdvertiser=11822513&attrCampaign=31208750&attrSite=7847497&attrPlacement=385568821&attrCreative=208026589&attrAd=576600420&attr1=%edclid!&attr2=j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.222.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.222.117.34.bc.googleusercontent.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accepts
application/json
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Amt-Event
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJhbXQtcHJvZCJ9.8dotrQPk6rXdTZUfYiTmmCx3BKBZ0ngS9huOY_9Rk9s
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 Jan 2024 16:16:35 GMT
via
1.1 google
vary
Origin
content-type
text/html
access-control-allow-origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
11822513
api.attentionxyz.com/api/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.attentionxyz.com/api/event/11822513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.222.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.222.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
accepts,amt-event,content-type
Access-Control-Request-Method
POST
Origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accepts,amt-event,content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 22 Jan 2024 16:16:35 GMT
vary
Origin, Access-Control-Request-Headers
via
1.1 google
dt
dt.adsafeprotected.com/ Frame B57D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=25b9d9e9-1d95-accb-ba98-1e1a95dac902&tv=%7Bc:23008U,pingTime:-2,time:111,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:292,beZ:293,mfA:295,cmA:295,inA:296,inZ:298,prA:298,prZ:307,si:310,poA:311,poZ:324,cmZ:324,mfZ:324,loA:365,loZ:367,ltA:403,ltZ:403%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:111,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B107~0%5D,as:%5B107~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u26PcEG+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C193%7C194%7C1a.1874223-77019481%7C1a1%7C1a2%7C1a311%7C1b*.1350098-69352127%7C1b1%7C1b2%7C1b3%7C1c%7C1d,idMap:1b*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:DIV,siq:18,sinceFw:92,readyFired:true%7D&br=c
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
pagead2.googlesyndication.com/bg/ Frame 97E6 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:17:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
482372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19704
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 02:17:03 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B57D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssdtRczl4tbqt4-k8GmuclyiARLCV78GaGPfzEOgfQIn_Heq-qsHRoX9ScdOV1XawZGPX4AYIo38Y2WohhJpaA3EndXU-ui1un6VCF-1aHfrg8VU3Q_egQgIKzA9FeSXQ1hNLqhag3MzZ83uLvHwVjUHZQMw8ZkNz5LQGEhKDQrnyiZZ3gKTp6zBJlQEbmpT4oBQuFY4di-UB0QGdtHFynHAgXKxkzKtPOerC3SlC6LKdMmykMx8DVsmHpxTPjyUfHz4LUfBkvN0A8ELU-fTNEfAhctSkDhQdDkW4K_q3STDuYzTpN2cQBu8t-RurxFR171z5RArPfqkFTvCOv5QGw4ElItzw_NBFvIBzU4xO4dJcXnE6xvbCa6alNzI5uJf0C-hf1-GZT5XSs3DZ4uGtGZTqdJX8OqYIAO2B6n4s3KVzqSAfMiG8FXhSjpnViht5292ZAcjRyzCQlhOst0jldSVxdHWJ_qtPAqsAcLwavzdH5ypeP68iVPG2F4NOATD5awxiANKOEFHD-NepKApXD2NauqndvRPtDp5oYiJXyG4asfCo345ZR0g_dsfp1u6h0gaQ0DvxFOVV6zc68axFSBE7oLNyT_yH2uv49Jw7x-fWSTGRrgdIhtblCxxZ-gCdrZ_CoGsuyUymH1pLhM0BqsCilPVIW1U1A1b-wFyf2xbQupo9sTIQ3aN18fkP6Y03zVY3c90jXLUnrSTpP9ZzgJ2KXnVqhEd04AiBWahaTwNsxaos5roXWCVR1SQbdQonmAeH4FP03agIGSOWC5fwrTlGsY1HgrTzH94gfjxbbkf3joOOHO9GsXEZbBUTk_8G_2k3RN8QLTBYryez0ofeKuqEt7Hz7KT6ee0DHUPYVZjFOsSmyoLrp7AXi2XjrdWPYwAnlStvmA7k7nlwFKhCPlSv1GkYpMGfWiTQEDx_Sz1klNubhOrUnN15n6z59xHBC7rqgrDwiO23iCZF1WAWTRzH5qjjR4qwLttstgHhleAqAuwi-3SIdR3cW3xRTF7a_9mUPMHxg5n3VAxAry5izqFPz30jm-cvZeVGoTRDkF-YSNRBVFEQW7UVUPBHUqOONLJPDsKyd0LBjgqS1TByiwYlD-d56q6WunEn_vpukLwJPcFsn66iMsx4pJCnXGwuH32uCxLDaC3YCgX6x183rT44z5MWt-cYc9JlBL9Gmq3w_GwH2MFFfF8TXsL1BukC3oCa_Ja_AMzZyPc0DzKE32NKwoaLwU0zyPLenqa-8CgQ0ryFu7FyxUaBCx6MeSMjL6XhyblnSHBul6hIW3w47qYNSVQxTYd3C0B-wUBDa0_yHwviqqhBmKkpRSyMOpfciM3f6JZ0Rg0FoYGRLRFUb_2zt1kDeppcMUJnMpYwPs02eZK_ZuENXngnnhqbRBz2njb2gol5Cpqdk1Yy5N4taoLv6b8hM7&sai=AMfl-YQ3FgzOmqTkBoevMdfWGxtbfWMdKMRqajdDSxanYApjwe0_S1elpWGN2OYlGQ2Ma-7kMlGdTfsbzLeizsgFrxbLY-nTQ4DwjxYtvlMF15S5N-RNdpMroL-qkfUo_gfMP7CkqQPiJj-KjmW6nxWn_ziI-U8qWE_W13fhDfH60BOiSc7ejVdO_tYpZ4hXfKdyLa1jM7-Wuf5AJErOEL24IDVhn7HZy3G1PaQaaLwehU2l8d2_mc__SKdQlW-wTvAUZpnK-b7ejnnW9kdrpE1EqwHOa3S1tv76daC5VKpRQ2MIptzDc12RTzNk6_Yyi2U&sig=Cg0ArKJSzJMk34l5gyZJEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=237&vt=11&dtpt=190&dett=3&cstd=47&cisv=r20240118.38386&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 2A88 		54 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21715141650%2C22515816402%2Fcolunadofla.com&description_url=https%3A%2F%2Fcolunadofla.com%2F&tfcd=0&npa=0&sz=480x360&cust_params=Version%3D1.02%26place%3Dslider-video&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=246245919430165&sdkv=h.3.613.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=google%2Fcodepen-demo-&mpv=1.0.0&sdki=445&ptt=20&adk=3345778178&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.613.0&sid=CC1D397C-6AEC-402C-8404-B66FF84B06BC&nel=0&eid=44754608%2C44772139%2C44777649%2C44781409%2C44804291%2C44809548&url=https%3A%2F%2Fcolunadofla.com%2F&dt=1705940195277&cookie=ID%3D6f8bb4d8d5daab8e%3AT%3D1705940193%3ART%3D1705940193%3AS%3DALNI_MabyPYiRGrw77FkmPH3BbgaKSbb8A&gpic=UID%3D00000d4791ce9989%3AT%3D1705940193%3ART%3D1705940193%3AS%3DALNI_Mbwzh-ASU3E86lVBStuIsJ6xByECg&scor=2971179659358169&ged=ve4_td3_tt0_pd3_la3000_er5684.632.5841.932_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
925a1524e21ee86526ce6afa23ac2408d2ea45adf8da204726be194f170995ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:35 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7164
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5422 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://colunadofla.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:16:33 GMT
expires
Tue, 21 Jan 2025 16:16:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
CTA.png
s0.2mdn.net/sadbundle/14153027799838875023/300%20x%20250_NEW/_export/ Frame B009 		683 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14153027799838875023/300%20x%20250_NEW/_export/CTA.png
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcf9b4aeaed63c90b87405f2e74b08c3317077d24f2c8999a865d3d6323aa7a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14153027799838875023/300%20x%20250_NEW/_export/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 20 Jan 2025 23:04:46 GMT
date
Sun, 21 Jan 2024 23:04:46 GMT
x-content-type-options
nosniff
age
61909
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
683
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 13:17:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
Text2.png
s0.2mdn.net/sadbundle/14153027799838875023/300%20x%20250_NEW/_export/ Frame B009 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14153027799838875023/300%20x%20250_NEW/_export/Text2.png
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a03772619be364a1b7ed76e03b8533cbe7349d5ebae356251f9374dcaa18ae96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14153027799838875023/300%20x%20250_NEW/_export/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:31:56 GMT
date
Wed, 17 Jan 2024 02:31:56 GMT
x-content-type-options
nosniff
age
481479
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4399
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 13:17:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
Text3.png
s0.2mdn.net/sadbundle/14153027799838875023/300%20x%20250_NEW/_export/ Frame B009 		867 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14153027799838875023/300%20x%20250_NEW/_export/Text3.png
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
308eb8b554a35b4a32b0a5837749cc8b31e14762014465d64d56ecb26aea49c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14153027799838875023/300%20x%20250_NEW/_export/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 20 Jan 2025 00:51:06 GMT
date
Sun, 21 Jan 2024 00:51:06 GMT
x-content-type-options
nosniff
age
141929
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
867
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 13:17:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
Text1.png
s0.2mdn.net/sadbundle/14153027799838875023/300%20x%20250_NEW/_export/ Frame B009 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14153027799838875023/300%20x%20250_NEW/_export/Text1.png
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98bc0ff841905cab19f5547a968e3b460b66db494f718b085a0e20278703ce68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14153027799838875023/300%20x%20250_NEW/_export/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 23:34:39 GMT
date
Tue, 16 Jan 2024 23:34:39 GMT
x-content-type-options
nosniff
age
492116
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3112
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 13:17:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
logo.png
s0.2mdn.net/sadbundle/14153027799838875023/300%20x%20250_NEW/_export/ Frame B009 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14153027799838875023/300%20x%20250_NEW/_export/logo.png
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7d21ca9da27fae5aa39640a9982cd2d897be961f98bf7c352c7845313c262c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14153027799838875023/300%20x%20250_NEW/_export/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 15:00:06 GMT
date
Wed, 17 Jan 2024 15:00:06 GMT
x-content-type-options
nosniff
age
436589
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1595
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 13:17:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
BG.png
s0.2mdn.net/sadbundle/14153027799838875023/300%20x%20250_NEW/_export/ Frame B009 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14153027799838875023/300%20x%20250_NEW/_export/BG.png
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba831bae8033d6f477c431e945b399a3c11d6b13da160fe81d0aa67530889c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14153027799838875023/300%20x%20250_NEW/_export/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:25:05 GMT
date
Wed, 17 Jan 2024 02:25:05 GMT
x-content-type-options
nosniff
age
481890
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16570
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 13:17:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame 97E6 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B1eM84pSuZdHiOprKx_AP08ScmAgAAAAAOAHgBAI&bg=!ZmWlZSrNAAZVxkGXdcY7ADQBe5WfOFRQYFQRxIk8OsYFvG7-D-8RbcVIS1aPLmo0jr1l-AStRurQPRB0BquTZpP5vLb-AgAAADtSAAAAAmgBB5kDFe-YaygMBS-0PWFdnQPCBh9pNoD4UntdoyaZ4SGPduLewt4sF9wzFikl10p5gcyjnkGPRhG9drI7I3ZJgmnXgMS5noPdp7vptHVyX7peS1g9H38JfR62ZQUkIIsqZq-uUsfRgQfQKyWRhLD53QppLYyGlGoC26Yp25aNy8Bl1yX04TY7SQSte4J5xk5LlkScE-TDskLnD73IvLMTQM2ksxN9D7t6essw_UmrpepIIArMRTsLoKa0PqwBtxJHC_cF130x_FcXqRKCXAdy2KatZliJgtqvb0Rwk6b5ckj84hF5fxheplsQY42O8X31PNwphlIjBXw_bdcPB5Uwq1kqQB6agAFszLqVyG0ympptWcA4JbGZ2h_ree5I1jVDOF4IjEhvT8d8JfmCFBkCzsyp710-5tkqpb5IJymXd1b5-CkjMWVap7vWZ1vY0wGfqAib6riibhO0sDwyQouWCciflsW8Xqcrs_Jig84x1OoFQewH-aDVj85lmEe2xu4P6p3cm-HD99WF6u0dIeqCVn6sT3M4zBwfUELaBr56bFJoXK6M4uskV-5_yRzXFKAslGyS2vEeGLKyag_A6BtfdeDTa3QO3F9iWQxBFgzUYNsfrXzxlh833NYc8_cpdTldAzl5CgRxVgw21rND7L_mDxsviFSDDFpz3bCr6Pncemvk38VYU-4HTROExEv1YadkUriXvpsvCOHjlyFuaMi_a-0RHcgGzndWTmeGYogErUpQrV9NRIbE7kHAKowvM1oGcXw3i_E6MzG09o4Oryc-cKBAzt9kn-aqRTSaRhiMxLMG9KLFNg3-qYzHMnzTtvZojn_YhvbB41oRGkzV-pKBGABpdPtsjQsGJli2p5yH3AnjlYz-5Uru15qkyBK-kYm8CG3k-iyzh5c6gLlh4VC9qToBgPSSLBdiRLnOgx4aWDpjq_YB98NmJxBCyaKLJqfq_u6HkD9xf6hfssSBAXi8luUxrOk_ip6JwBIxBe63hyMAvwvL3P0EHwf8R33eBP_sWlg-tBlCaQWD252qB1YujZVlyMB9Kpo7AA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E7D8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNGjjZtl_idj8S1MlDo8A984I715MBVuoF2cahW6zkU9YpqGZ9LP-o010a3gK6t-oak3oEU2QJMq369lq2HRSi-c3NfHRNNDWDi0U7zlt1bHa4M18LP8rk0DbIqUWl9-e8SMBgQik3xAu8Rl5sD693NY6z&sai=AMfl-YQhaYFEe4CM-4ZF_LhOqFPtb5pHej4bT71fQZojvHwxT4Sc_jyfnC8JrClITkmDB2XZhVMPScfh36opBIdAMUmnFVqkKOhzl-prU9A2UDcKAKaf1cx6dPorMSMr43AURYTtIGoRmhb1HiW4R0I0&sig=Cg0ArKJSzJbq7ZYArIKtEAE&cid=CAQSTgAvHhf_wQ1tnkIdcqV20niKk2ZenpkbTyY5Ul6coDZ6WVPQDs6eW3gqNZ6bWhXvtnGcivQiuIhRGPH6H4H97gQK5qkSJ2hqsZfX1RIaxBgB&id=lidar2&mcvt=1000&p=179,1030,429,1330&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4175623571&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705940194129&rpt=241&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3A2F 		640 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjPlIz8ATAB&v=APEucNXx0i22ejfWOMZBF5hldoSSbSRmcJkYYn3VBauFyoE8JCKgYGnJOrtKmKaZuUddEKgikfg2nPdwWvXJBgMwKZui-zvQsh__wJFQgi_oKLfEeYADQOX2tFNq8U_Q1mu1o0NmZF69hokqMPGa_LIOmOcScexsSMkxAKEPHx2aYVIbouGYqhMjgfdpSb1FC5W3ixnM0QHr2fwi9BDelpuNPIWSJcZugQ
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:16:35 GMT
expires
Mon, 22 Jan 2024 16:16:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 5422 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 22 Jan 2024 16:16:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5422 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D-olXdya-Hn9swn-qsI6ewrbmx6ZBazVzE7UEBztfmbvsHNeSdNdzNzHXSfYNvUzIjyfGYt7IwrJoUzSHn6C6Y9MGlSKmw-9V8jtoUFqJY_OVfFaI
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1474271/76103297/xbbe/creative/ Frame 5422 		278 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1474271/76103297/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-CveTb4HALS97R_G6Dg4fdl8iowPcxjdD4fy4o-PdUoIDdtRWfNP7utTKzETqYByavJ2XxG7EnLKIywom1VqIC_m8FFxT1umBgdsnn6UkHLRhlYRC_ojqVL8pMhS9KvLJ7S-a7mDgRSuzAxx02V-jIWMan12ug7KxypuReI4NvAf-PXf8ISiRcAoCZ_4Nrloz5rYi7fVq7qZTzxKYic4a0wBFM9IqL0atxqz0_zg8IFDlvMxT2wjMCksPAVLqUdpfZWEO8h1MfnLfjSrd2tsO6C2bQvcDnJr5WcInGmR90YL324gTYwJc7tCCroOdm805nL1zqvXRU_Mp0s-GqvFUMlNSgafb5FRej7SYWQSZLxmGov712KClRKjISTU01zqSYvShL2pRR8fUHY1x0HmBc10jw9nKUULLjUiOmOpnrbDxwXHufd9VIKvdGwO0ib_IJsD_JL9aozJfb-Ti8uC9GeY-QZ8wFPYwBEf784ZruOvuvDHR0wTmauw2xvo_HyReLY0iDEPeHcE57F0kyEU4P43vfkmw4dxb_CbmCa6B09GbOPY00r9c3ArXVwteenXugMiKq5OVo5xM2Bu_LT59LNSgnja0RvnXXHLqBtS5LK7gLNjtQIqz5aNJknyXKvgHYnEF2TLpdFfjuVLjbWBBFfJQaU-PL1Baz4qYaYmKSYicJZCvSyWjEemWKBxOaquub4UnjxUSSHtHhqq7GTYWpzEbg3a23ry1lMYJ42hd122q-MA9_erzH2ufczRRYhM4QAqguQe7uDeCrprDO5U8q_IPuxZlSZFgGPDW8Va4M8TswzMqqGAv9JDhN8h4oNTJoKf3U3-0nk5KUAgvMLipYPXaM7Zj1fVjmBsztH1yH9WzER5n-tSNYIbsKD6fvKhlkqsrjj1oglb_6uGkztmUgNdZmdK-43sP5dfBO31h9nbFbXSjVtta2KH9JPvHsVsp5bO080qj7PRQY7xuZa6FuByO4Ddim5UizqFqsqXwKWITzpWLaUXkxASyKwD7Eo6X_8Bz74JNliWg19EnTJyEcRPsh48SphLYFbLncYUw67Tpl_XTz8unX-IRMvyoset8FZ7p4dPPQCt9x-BzaiYaFFkQM70kS2N68w5uzn0YL5aiP2zOqxRJiEOzmIre1zR3Y5mNwnBCLctgHQzq_xl9P47anAoDHzz8OcFn718_LjVWIH141hP8LOvObrI1-jMsrX6v47tFt6ea_YDYEt02sfKL-vs_3xTqYG1S817CI-oJ-o1c1KvRGLh-4q7uPqjzTqkTH7UB9p-UQ9g4MmvzAKZV4dMwxj22qVmDAnkXp6zsOgL14PsnUXM7v1JhhH578MnpLauLIUHkS_AAXXXNDSA1jsGPNeYrA6AE0JvFASRSWOsLldmSJPDrgpn8sTUJgBesC7hS-xKvNk-RofNkzkCKCrskRnN6DyEPdxE8bDhXqgnerh18hOpvfq3lhBxU6t0qiUEUl051Bxbh-cHAwiDiAXBohjlJSczxLo3vdoI_iDmIojaAAKiGfRul1D7kOHOQkEobMiouF-VvQEo3ziHjsP4qI7NVU64xE1IPhX7fgPEbdY4rF7EgvFhhm6grdczUegrkwGqoGw0RLgm2uHCYcdgzTpgYRTnS2gU8qm_G3W5Ddf1LgTzKZbpXEoWk4Ofub0xRB-NqciAPU73OqFvEjhpxUdEGwSyWVPNu1sQxFF3rYfLyq6_Kr9Cf964153m5TSNaSLEnE8bAeOjVfJIXQBkQwg59er0-p5UYfuprBgEPviPBZwGNCao34PNfO0Jv9LntWsStQYTaIyZNKd6SyJe8z1y1RbWibxqCgrWFXiSAG9i0vaqQ_Tfwp33UP5l2y3rsfKWbsKasNPLhxc5BSV2pt-DIqC0VifhztMntqbz9NVnZGa5NJmNpkXh3yrNwgqUM_zmdcX21LLeM-HkGfQJ9wgJV1C39NNRosaVf68w9-5VfriOPw8gAUMcm-rd4_TbveXght8ky-Kc75RcAv-hQ-ZtLJ0MxMLqBzPuH0uMYEsDVCoU7hmrr4LMEAF4XxW4fZuLjY6KSPLrJTbBABg4JHQHW-s7J7jZ6wVZV7yVyLCCx1rKXKhL2weLkkm3M5-GjqPztKQaAxjF_bRmNiqrMaej5D_GEXkbvY7Qyd6flDaMLI5NxPDGIlFXIJMsTZ7UYbt00HHWYJwKCzd5BSwmVAWoKdLiOHoHqRkkHD6ZwhOjeKfDzlLxwZg-givGrYw9e7xYTLaqiGvatjGs-8hQGOuRNm7eIef7sYTZS5D7W7INW7yGFOgz1e2egWGNIYCYaahixVSeiiX1-bRrVn6gJijSr9Sz67AuhKaiATSQzPHFMe_8wibkkjZ4eEIWW_5WM7NTq4U8wxARZKOuieOczWTiOl_9DT38ItOX5uMDh54u8HstUkd7U6ygjGXiMEBxoAtbfUn8vbGQZfLlVd2bhwu0Kgdb5uv6Jnu_Z5e0FPT8y7xktg3SOtrTPd2Nm2t5QfR47x0L8wx0uyUybfJpwVLimLqWavdPWLgdcjV1iH-GvD5GfU7ULxcnX2HuNa8qohjK7aLXBOhIFpskZACF19nr3fvKW-qR8gxMxRa2VQdMTaIdzjCg8fIod2vG96U4YMEXEZYVeCz0tiKl7N2I1LcewYgOn8RHB7SudbhEOeShKUec7sRQOEbWk66MMdWNQfDnaWU6eupESj8Dy4GI-VmDmpTDXFDoZFFJaSk_-_HPhh52vlxE9fJCd-uo_uMokRVt8VWUN73zkQ05E5r140DN5LWMTwPqQpbjXLnruBVFA3DxAq2YkzzPELQ39-bdtjo2tjRh4dnbqNm-OM3BVUzfPD25cIRD6GY-4mgdqY4HhcAO59Mk_ZXH25I_2dF5X9WbFfudmKvPb_alTdQnGTFDPdB7dKXzV5h7ExJ6i3iH7y2dII4n5ytLdDDCzLRQGRTpK_fPsZg5q9xso7VCjoFAQDbxQQCKDOcxI3zoh8TV-yI34y6bGmFCAs6_GLfe8wbck3nuhYFmERAMEKJi7qB5Zsx5OSZhRAWWaJjPsKu8SDP2-muGcZAEjg0g_yS5XsXD39Kif3svOlSTzE2QFRJRsHbh1FBkm1AlaI8hadeTWQTtciJH-ZCf6kjYCfccLJ16m0Pdx8iiNTgp6bV7wROcU6S6tAGCTm1hpSZB4Xo2Wbqs9sVQyl-4BJfETm2BH0Q-on7HW-V9U0BfcnvOMe3mZfInmF7gwcrw8xX3G8gfDbTU1Sa7L3nhZhMPltrm9SsHMa3pf61h-mBFcf-5E9J5dPIAC2_v04_gT12obG2QsvXZpxKBQEHx4djH6-iOxsKwR0RI6JMKEG-MMzrADYz5zjBS3-fDeQCmSIaw__OkHNZ21bvM146ApjHEU78U3lnGTeZ1B1CdD2VIjSflGySfevN5_3d_nQjKEN3y0hB_S35QQHf8VF56urEqf3Ba-L5tfUS6IPvPBZKggFY8ZjOhAmSU5sUsc_Gi682TAMxgVcW64Y_KQDN6Qi5_TbKcchJC4VY-83x0LnA-bTNW2O9HT7aDIGDpv-LD0rxqUuBU9if3qlbXFwfvKRTu7JAe9RjOom15zYPi4pBXSeD0TzECrOzqpAesKJlV-tHJlp1KdDB0tAK0mw8C86desllM660izKlhvdleDfxQjB4pNby8CY9hcRve2W1OFVG32-E9TaSnLpi22_XrlSo2jKa0drqHMA-pdIi-mfHNes-mF8VWC-D7gInAVaVecyYzGZCNQmZZP-WLI_RxGnC51z4VzVoWdBO6oU0XCGRdLQyjZNgu5zTu7kA4A8EngHFLf9Y-YIudnwmVw7gefucIK3EOVf0pGouOcUzelszEPr5zzkJp4zFzAq7Dr91rAQBEx2kmxuab6uF31nn_Sd2bekkcOYSfC6rvBXS8KQnapvlx5zO9svglN4ieJSrgpjYTXlw3359jJgUPbM45TqK9ZztbM82NAejGl1XQz4MmeMK4Fc08ZdnK7xCRY0Dj_jkq5Wf74UvKN7JxP43FZRYjUR4R4FfHP_n1hwepP1wdKNYcmjcfZH_Uaq8K0nTtvGR3-dt3HG1IqKJD7j-itxAP8wmyW62o1tZ72edDU32GlUIBBJPAC8eF_-TgalCXVFDcN7N6VZtOFNzDMPvJ7f8XvFgs25H4BT-k0XwfrF9z9HnsJxGo-E9mYY5i9gbiUeXi6RS832Sf0V1gsxQKsHuOKdatRgBYAE&bundleId=&ias_dspID=3&ias_campId=1012200182&ias_pubId=pub-8170966538152543&ias_chanId=1&ias_placementId=20123185343&bidurl=https://colunadofla.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gp_7qIEEu_j0mI7XzmWMmQ
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.100.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-100-143.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
91cb02bfb33928a99d6c3457c7fa8df349a398fddbc9d1f0b8b16213964ec014

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 5422 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 09:41:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
23710
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 09:41:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 5422 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:29:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
78438
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:29:17 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5422 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 16:16:35 GMT
sd
us-u.openx.net/w/1.0/ Frame 3A2F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECqC4sGok-8c3ONfxFpLRHI&google_cver=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECqC4sGok-8c3ONfxFpLRHI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjPlIz8ATAB&v=APEucNXx0i22ejfWOMZBF5hldoSSbSRmcJkYYn3VBauFyoE8JCKgYGnJOrtKmKaZuUddEKgikfg2nPdwWvXJBgMwKZui-zvQsh__wJFQgi_oKLfEeYADQOX2tFNq8U_Q1mu1o0NmZF69hokqMPGa_LIOmOcScexsSMkxAKEPHx2aYVIbouGYqhMjgfdpSb1FC5W3ixnM0QHr2fwi9BDelpuNPIWSJcZugQ
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECqC4sGok-8c3ONfxFpLRHI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 3A2F 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjPlIz8ATAB&v=APEucNXx0i22ejfWOMZBF5hldoSSbSRmcJkYYn3VBauFyoE8JCKgYGnJOrtKmKaZuUddEKgikfg2nPdwWvXJBgMwKZui-zvQsh__wJFQgi_oKLfEeYADQOX2tFNq8U_Q1mu1o0NmZF69hokqMPGa_LIOmOcScexsSMkxAKEPHx2aYVIbouGYqhMjgfdpSb1FC5W3ixnM0QHr2fwi9BDelpuNPIWSJcZugQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 3A2F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEOyEfaKH1WAzjE5uXpLbAPc&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEOyEfaKH1WAzjE5uXpLbAPc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjPlIz8ATAB&v=APEucNXx0i22ejfWOMZBF5hldoSSbSRmcJkYYn3VBauFyoE8JCKgYGnJOrtKmKaZuUddEKgikfg2nPdwWvXJBgMwKZui-zvQsh__wJFQgi_oKLfEeYADQOX2tFNq8U_Q1mu1o0NmZF69hokqMPGa_LIOmOcScexsSMkxAKEPHx2aYVIbouGYqhMjgfdpSb1FC5W3ixnM0QHr2fwi9BDelpuNPIWSJcZugQ
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 22 Jan 2024 16:16:35 GMT
pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEOyEfaKH1WAzjE5uXpLbAPc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 3A2F 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjPlIz8ATAB&v=APEucNXx0i22ejfWOMZBF5hldoSSbSRmcJkYYn3VBauFyoE8JCKgYGnJOrtKmKaZuUddEKgikfg2nPdwWvXJBgMwKZui-zvQsh__wJFQgi_oKLfEeYADQOX2tFNq8U_Q1mu1o0NmZF69hokqMPGa_LIOmOcScexsSMkxAKEPHx2aYVIbouGYqhMjgfdpSb1FC5W3ixnM0QHr2fwi9BDelpuNPIWSJcZugQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 22 Jan 2024 16:16:35 GMT
pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5422 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6779239937536&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5422 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6779239937536&version=m202309260101&ct=76&x=1&cor=6785805083957074000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5422 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AjDy9beIw4GlS0IbLvSfj6EYk06d5RT4GSv62n9Tr0d_OeZa-TBdRS1y-SKfKCCFBruezxsFwYGQJvmR6tlPcBQjknVtd72VLVnXIISQwIdJhY2jPJgy3XEFkAW5LeH0QL3UZjo7hJIbLoOeZliuwzIGfnPGhZCrZp2p6xqlqCMNDzj7k&cry=1&dbm_d=AKAmf-Ac8quSLdXlEK27pUUCSNjaBLUqZgT6IT4d1lbNcGyPBJRVZLD0ibKfmALIE5dVwgGd0XJuxFSkKTTGAvkCU80_Azz3nTAgeEday5wAloZXJvB5wQshsJ86ILNwVA2PmPDaKozr1SMAzTgZqMK96DesoWz2mGiEgd9U6Y2-uMFUjXR9YMnhTMYoXhP5TetCEVDCHffPjHt0y7lx2NXicJFV1e7HrJ4O76dNA-DVoQfE1Q-Q43RFCOySeg07tsOsv8ernnS1AX7moNNNAudTSPUqsYeGgFBqna8t2e8gDqUarqG61uyrq7dDGUGJTsuEBLMR9QIrlT-lY44TUEx8BzgqB5Kt-c8yjgf6ImXjuIRz9o085kRGvE43Qlwk-tjy56TSzPczEKlWjn_tw-O2Nbc1Txu8C1E8Y9ePpE56g5s8NgptnBeKOWvx9T5PsCjCYToGN-OkFEmrUb6S-XVYa7C7lDy5G2mhFKbPkChV6ieg3owdonSkFWGtNssArhLeuNVQX2ofQU6XVIOUWNjbHlUl8pTMv_UIk3tg9NsJ7bfkRG16aYgH7T9lZfQzTlhiHUwu6bNGBcEDM9B061KBNpxfEAYA_09UtJf1IqjA7mh_A32DdxWcQxbGAHFixuHo_P2tWUd61cdQxlAIrjIzFodiJWmkq_v5hAyC2o_0rz2PRkRx3NSHvVNOqCy0FgfeoWJy9SEEy2NUj6rilx7QVj6Q80NQyrow6eOcaS17_HI1NYFzNRlXaYGQrgmOc-dPau-71djjh1jRAhwu16yYCpElG7_6HRXbbwLKzeKrlXUrtN5X2CaYfBHp_XD_X9qeQeuVhpGQyYOowSgpbM9Qo151EcGY-tmLfRvMlko3fbqqbTLifcadK1lryphY6IJckeu35vJe_WLg3LlnIm-e7pPey_pj_4xTJ2q01KovgdBJBJkO49cxZ8XDZyEmKXGVyGHhqlwkqoxfZYmbqXyz8zGAt46ZHhVmfWHhhP3g_M50R5c_wzLxmxJtXb0TcUjnVeu8dM-3XYeU_QFUWJI7bO3PKdHqTi1xxQCkHsF5Um3XsKdyAsJmp-EP-rGOyRWMSwWWsci19cpIMI4kNgLC-Q1XrNPCeBWGLXBXnAEiyeL8O54EChwJfu8FQEtJB5z-BX9wf65YB30Uat7UifAsgjlzBqAGtVR5AEC6g1g_0RQF9lYJt5VsSL6YSXJMaif0UPEBPnJr-syfjeMh25SHwQrYYMGgeGcJmkBnpYaVf6DiZKqsLuQZc3WV0ud38qIlSPmjDtdRZP4bjO7egPkIzsaeZWZn5x6XcYJ5cgjOBiePdjA7HHzdoni9kEHUGKj_BK3M8r2xjO1JneawspF2wSFwY13pgnmvNekQK07rZtqoJvS4G72a4S_FzjC_XZrH4itJNevsVlseWd1svli1JAhyu8O9g82s-3Y6tOxNzJLil1_YZlEO43MPhdYMg2xj8HCOw5ZGw___YAaM-VE3vXVKgr6OiESQpt9WS-bba9gCOUwymtMb4uqkJ2Ggb5QMrJNBUWwQzaO_8m1Co9qqH1jlBQ-C6C9ICMlDmnsww2zYu4AsjAmjtKcUPFx0uQxAT7iSArUjprh57c7Z_scNbu6IxeuZVMRUHo9IyxYU8WDoNZFBQ2U3rGHFoiIDpRhLs-uU8pPYdvby9IRB7Ip4INcJeuUrow8-dCu3Ji_in74M_hoz7VDiE92KylUObqtUckurWcmtr048qNGaDLQZfY4j4Uwcwfvdknz8bOKwXG617VKTh1Dh-dz06cPSyobPmNu_RKrAOdV13afBCNuiyWpodOKi8CsppxQdhvMw5pTef9HU8KIkmGKbsHWp3VUX0x2KjzNKOPysOt-5eSyBAZNibrS1JOwzrpG6a5S4266-jccdLM1_ptjXmfy3jBI13t62XKrkq4SmpW-yrtLHglZyKxayNhEOriTnc3eR3caLy7ato1b6ViG5qhbfcqEuPoR5N1UeclibaXDkAW-ez3vL6rzBVkzS3LZx7dS6JysFMCiYurlJHRpAnjgT8D3mDilIBdY6asbnGtnm5t8tC03wOc-urCtryERT_q_FK-dOL6svX3Isp4joUqbKlzzldcdm0g3ZZyKovyK4FalYUGywrwqbZUFhBFRQbEj9zukQ_s2KC4sBRoPTzDQGegIDsAGyIyiFAdbaB9byiwovo0ygPR0Q_-_v45h6KjFwbegVFkx3VK1n-TW-BvQtTENhZy2fw_0yA6ZqfPmd_gKiAW7mv2dRs4UBQoUyTxh2ejhKbYG7iXS3lddc9jRg4XPYTcXbsf9C9jSxj1n68d0gydAeWbMLo-nWKLCwYIKq5rdFFDDTt9Pi_yGKEeLyLMc0I0SvJwAIltg5DL4E2dOTg8HktElWpIWCybM0h3JXc_TazgDixl1XZTtZRB3RlpTb_7DkPmjJ3fNqGjov-4MRprralUkR7ZqBvU2hMqT_JGuKZkjmm1NR3YcWvJTF2yuprYUyRwzzhe3pRTK7eLuJlCXYiXZ4TwALO_iTEK4k1WzyqVzjtVm0BWktY0p_UyVjhdwJOjmvx49etcfJqBLo9zgcFt6-6SO5ME5Dw3gdfwS4_cvogLrVVENz4p9KIOWZtDDSQibmKCxY3ImHTRjBtpilM90zKHT619ZKp41P3qB5BOxFetB9MoJ5OPEuqh61TrQzImuCybkJNMyGeEeE1KZiAkBTox46E_fIIE9aUe0Y1BjO7lB_x1_GAltGW4h9EfNAx6HKYVl09ridS7QY4-H5t0UP73V0Hkhs1lEuqCIYZWJr2wtOosW-ytG2Auj9VeM2mut-TopQf8Vgu97BRG3NvtDpGBoRlmmv6_swwmQWPLMo3dugpnea-Qk63Hhv79BkQ0xyDqBkJKMiOPYiVugaEkFygHhZZx5jCdOCGTFG1qmFTCWu7GUUHLLUmCiPb8DmWRrMAeUBduLza4L0Dn5vbbDnXfbWP8-pwtjZt5qqXkyA_WWCzCSUhWz5ZJovWTEqmgxeykQTo2_2n3bucYfOD6nAQOJEXHmNtbBuDzQg3WI7dQBfqZ5q3a8gwYe9ZREAHcZoxC2yTlmZN5SUc3gy4gvAAIkfsKznrTvM9m_-l3pWYQhkxq08kJkxyxZOoG96JCQyWbRC0pWXYYVsAQOC5pD7Dis_L7EgYXxnYybqKAjpfKu3JBrS90JiAXFkPxGnbBDQGs2PksfzFnvDT6Yn39SKJP6S2pmxXUfx0ebLDJkngIGBM2VCoBM80Z2W2ofwwfMN8Drl-g5r2F6THXB-UvWrfw&cid=CAQSTwAvHhf_k4GpQl1RQ3DezelWbThTcwzD7ye3_F7xYLNuR-AU_pNF8H6xfc_R57CcRqPhPZmGOYvYG4lHl4ukUvN9kn9FdYLMUCrB7jinWrUYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcolunadofla.com%2F&ds=l&xdt=1&iif=1&cor=6785805083957074000&adk=4188270524&idt=133&cac=0&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6dc6adc5cdfc68bdbd329f401683fd3a50cf03f5c3eb35d20eb3cadeda248b76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 5422 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AjDy9beIw4GlS0IbLvSfj6EYk06d5RT4GSv62n9Tr0d_OeZa-TBdRS1y-SKfKCCFBruezxsFwYGQJvmR6tlPcBQjknVtd72VLVnXIISQwIdJhY2jPJgy3XEFkAW5LeH0QL3UZjo7hJIbLoOeZliuwzIGfnPGhZCrZp2p6xqlqCMNDzj7k&cry=1&dbm_d=AKAmf-Ac8quSLdXlEK27pUUCSNjaBLUqZgT6IT4d1lbNcGyPBJRVZLD0ibKfmALIE5dVwgGd0XJuxFSkKTTGAvkCU80_Azz3nTAgeEday5wAloZXJvB5wQshsJ86ILNwVA2PmPDaKozr1SMAzTgZqMK96DesoWz2mGiEgd9U6Y2-uMFUjXR9YMnhTMYoXhP5TetCEVDCHffPjHt0y7lx2NXicJFV1e7HrJ4O76dNA-DVoQfE1Q-Q43RFCOySeg07tsOsv8ernnS1AX7moNNNAudTSPUqsYeGgFBqna8t2e8gDqUarqG61uyrq7dDGUGJTsuEBLMR9QIrlT-lY44TUEx8BzgqB5Kt-c8yjgf6ImXjuIRz9o085kRGvE43Qlwk-tjy56TSzPczEKlWjn_tw-O2Nbc1Txu8C1E8Y9ePpE56g5s8NgptnBeKOWvx9T5PsCjCYToGN-OkFEmrUb6S-XVYa7C7lDy5G2mhFKbPkChV6ieg3owdonSkFWGtNssArhLeuNVQX2ofQU6XVIOUWNjbHlUl8pTMv_UIk3tg9NsJ7bfkRG16aYgH7T9lZfQzTlhiHUwu6bNGBcEDM9B061KBNpxfEAYA_09UtJf1IqjA7mh_A32DdxWcQxbGAHFixuHo_P2tWUd61cdQxlAIrjIzFodiJWmkq_v5hAyC2o_0rz2PRkRx3NSHvVNOqCy0FgfeoWJy9SEEy2NUj6rilx7QVj6Q80NQyrow6eOcaS17_HI1NYFzNRlXaYGQrgmOc-dPau-71djjh1jRAhwu16yYCpElG7_6HRXbbwLKzeKrlXUrtN5X2CaYfBHp_XD_X9qeQeuVhpGQyYOowSgpbM9Qo151EcGY-tmLfRvMlko3fbqqbTLifcadK1lryphY6IJckeu35vJe_WLg3LlnIm-e7pPey_pj_4xTJ2q01KovgdBJBJkO49cxZ8XDZyEmKXGVyGHhqlwkqoxfZYmbqXyz8zGAt46ZHhVmfWHhhP3g_M50R5c_wzLxmxJtXb0TcUjnVeu8dM-3XYeU_QFUWJI7bO3PKdHqTi1xxQCkHsF5Um3XsKdyAsJmp-EP-rGOyRWMSwWWsci19cpIMI4kNgLC-Q1XrNPCeBWGLXBXnAEiyeL8O54EChwJfu8FQEtJB5z-BX9wf65YB30Uat7UifAsgjlzBqAGtVR5AEC6g1g_0RQF9lYJt5VsSL6YSXJMaif0UPEBPnJr-syfjeMh25SHwQrYYMGgeGcJmkBnpYaVf6DiZKqsLuQZc3WV0ud38qIlSPmjDtdRZP4bjO7egPkIzsaeZWZn5x6XcYJ5cgjOBiePdjA7HHzdoni9kEHUGKj_BK3M8r2xjO1JneawspF2wSFwY13pgnmvNekQK07rZtqoJvS4G72a4S_FzjC_XZrH4itJNevsVlseWd1svli1JAhyu8O9g82s-3Y6tOxNzJLil1_YZlEO43MPhdYMg2xj8HCOw5ZGw___YAaM-VE3vXVKgr6OiESQpt9WS-bba9gCOUwymtMb4uqkJ2Ggb5QMrJNBUWwQzaO_8m1Co9qqH1jlBQ-C6C9ICMlDmnsww2zYu4AsjAmjtKcUPFx0uQxAT7iSArUjprh57c7Z_scNbu6IxeuZVMRUHo9IyxYU8WDoNZFBQ2U3rGHFoiIDpRhLs-uU8pPYdvby9IRB7Ip4INcJeuUrow8-dCu3Ji_in74M_hoz7VDiE92KylUObqtUckurWcmtr048qNGaDLQZfY4j4Uwcwfvdknz8bOKwXG617VKTh1Dh-dz06cPSyobPmNu_RKrAOdV13afBCNuiyWpodOKi8CsppxQdhvMw5pTef9HU8KIkmGKbsHWp3VUX0x2KjzNKOPysOt-5eSyBAZNibrS1JOwzrpG6a5S4266-jccdLM1_ptjXmfy3jBI13t62XKrkq4SmpW-yrtLHglZyKxayNhEOriTnc3eR3caLy7ato1b6ViG5qhbfcqEuPoR5N1UeclibaXDkAW-ez3vL6rzBVkzS3LZx7dS6JysFMCiYurlJHRpAnjgT8D3mDilIBdY6asbnGtnm5t8tC03wOc-urCtryERT_q_FK-dOL6svX3Isp4joUqbKlzzldcdm0g3ZZyKovyK4FalYUGywrwqbZUFhBFRQbEj9zukQ_s2KC4sBRoPTzDQGegIDsAGyIyiFAdbaB9byiwovo0ygPR0Q_-_v45h6KjFwbegVFkx3VK1n-TW-BvQtTENhZy2fw_0yA6ZqfPmd_gKiAW7mv2dRs4UBQoUyTxh2ejhKbYG7iXS3lddc9jRg4XPYTcXbsf9C9jSxj1n68d0gydAeWbMLo-nWKLCwYIKq5rdFFDDTt9Pi_yGKEeLyLMc0I0SvJwAIltg5DL4E2dOTg8HktElWpIWCybM0h3JXc_TazgDixl1XZTtZRB3RlpTb_7DkPmjJ3fNqGjov-4MRprralUkR7ZqBvU2hMqT_JGuKZkjmm1NR3YcWvJTF2yuprYUyRwzzhe3pRTK7eLuJlCXYiXZ4TwALO_iTEK4k1WzyqVzjtVm0BWktY0p_UyVjhdwJOjmvx49etcfJqBLo9zgcFt6-6SO5ME5Dw3gdfwS4_cvogLrVVENz4p9KIOWZtDDSQibmKCxY3ImHTRjBtpilM90zKHT619ZKp41P3qB5BOxFetB9MoJ5OPEuqh61TrQzImuCybkJNMyGeEeE1KZiAkBTox46E_fIIE9aUe0Y1BjO7lB_x1_GAltGW4h9EfNAx6HKYVl09ridS7QY4-H5t0UP73V0Hkhs1lEuqCIYZWJr2wtOosW-ytG2Auj9VeM2mut-TopQf8Vgu97BRG3NvtDpGBoRlmmv6_swwmQWPLMo3dugpnea-Qk63Hhv79BkQ0xyDqBkJKMiOPYiVugaEkFygHhZZx5jCdOCGTFG1qmFTCWu7GUUHLLUmCiPb8DmWRrMAeUBduLza4L0Dn5vbbDnXfbWP8-pwtjZt5qqXkyA_WWCzCSUhWz5ZJovWTEqmgxeykQTo2_2n3bucYfOD6nAQOJEXHmNtbBuDzQg3WI7dQBfqZ5q3a8gwYe9ZREAHcZoxC2yTlmZN5SUc3gy4gvAAIkfsKznrTvM9m_-l3pWYQhkxq08kJkxyxZOoG96JCQyWbRC0pWXYYVsAQOC5pD7Dis_L7EgYXxnYybqKAjpfKu3JBrS90JiAXFkPxGnbBDQGs2PksfzFnvDT6Yn39SKJP6S2pmxXUfx0ebLDJkngIGBM2VCoBM80Z2W2ofwwfMN8Drl-g5r2F6THXB-UvWrfw&cid=CAQSTwAvHhf_k4GpQl1RQ3DezelWbThTcwzD7ye3_F7xYLNuR-AU_pNF8H6xfc_R57CcRqPhPZmGOYvYG4lHl4ukUvN9kn9FdYLMUCrB7jinWrUYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcolunadofla.com%2F&ds=l&xdt=1&iif=1&cor=6785805083957074000&adk=4188270524&idt=133&cac=0&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 17:14:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
428507
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 17:14:48 GMT
adj
bid.g.doubleclick.net/xbbe/creative/ Frame 5422
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1474271/76103297/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-CveTb4HALS97R_G6Dg4fdl8iowPcxjdD4fy4o-PdUoIDdtRWfNP7u...
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-CveTb4HALS97R_G6Dg4fdl8iowPcxjdD4fy4o-PdUoIDdtRWfNP7utTKzETqYByavJ2XxG7EnLKIywo...
74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-CveTb4HALS97R_G6Dg4fdl8iowPcxjdD4fy4o-PdUoIDdtRWfNP7utTKzETqYByavJ2XxG7EnLKIywom1VqIC_m8FFxT1umBgdsnn6UkHLRhlYRC_ojqVL8pMhS9KvLJ7S-a7mDgRSuzAxx02V-jIWMan12ug7KxypuReI4NvAf-PXf8ISiRcAoCZ_4Nrloz5rYi7fVq7qZTzxKYic4a0wBFM9IqL0atxqz0_zg8IFDlvMxT2wjMCksPAVLqUdpfZWEO8h1MfnLfjSrd2tsO6C2bQvcDnJr5WcInGmR90YL324gTYwJc7tCCroOdm805nL1zqvXRU_Mp0s-GqvFUMlNSgafb5FRej7SYWQSZLxmGov712KClRKjISTU01zqSYvShL2pRR8fUHY1x0HmBc10jw9nKUULLjUiOmOpnrbDxwXHufd9VIKvdGwO0ib_IJsD_JL9aozJfb-Ti8uC9GeY-QZ8wFPYwBEf784ZruOvuvDHR0wTmauw2xvo_HyReLY0iDEPeHcE57F0kyEU4P43vfkmw4dxb_CbmCa6B09GbOPY00r9c3ArXVwteenXugMiKq5OVo5xM2Bu_LT59LNSgnja0RvnXXHLqBtS5LK7gLNjtQIqz5aNJknyXKvgHYnEF2TLpdFfjuVLjbWBBFfJQaU-PL1Baz4qYaYmKSYicJZCvSyWjEemWKBxOaquub4UnjxUSSHtHhqq7GTYWpzEbg3a23ry1lMYJ42hd122q-MA9_erzH2ufczRRYhM4QAqguQe7uDeCrprDO5U8q_IPuxZlSZFgGPDW8Va4M8TswzMqqGAv9JDhN8h4oNTJoKf3U3-0nk5KUAgvMLipYPXaM7Zj1fVjmBsztH1yH9WzER5n-tSNYIbsKD6fvKhlkqsrjj1oglb_6uGkztmUgNdZmdK-43sP5dfBO31h9nbFbXSjVtta2KH9JPvHsVsp5bO080qj7PRQY7xuZa6FuByO4Ddim5UizqFqsqXwKWITzpWLaUXkxASyKwD7Eo6X_8Bz74JNliWg19EnTJyEcRPsh48SphLYFbLncYUw67Tpl_XTz8unX-IRMvyoset8FZ7p4dPPQCt9x-BzaiYaFFkQM70kS2N68w5uzn0YL5aiP2zOqxRJiEOzmIre1zR3Y5mNwnBCLctgHQzq_xl9P47anAoDHzz8OcFn718_LjVWIH141hP8LOvObrI1-jMsrX6v47tFt6ea_YDYEt02sfKL-vs_3xTqYG1S817CI-oJ-o1c1KvRGLh-4q7uPqjzTqkTH7UB9p-UQ9g4MmvzAKZV4dMwxj22qVmDAnkXp6zsOgL14PsnUXM7v1JhhH578MnpLauLIUHkS_AAXXXNDSA1jsGPNeYrA6AE0JvFASRSWOsLldmSJPDrgpn8sTUJgBesC7hS-xKvNk-RofNkzkCKCrskRnN6DyEPdxE8bDhXqgnerh18hOpvfq3lhBxU6t0qiUEUl051Bxbh-cHAwiDiAXBohjlJSczxLo3vdoI_iDmIojaAAKiGfRul1D7kOHOQkEobMiouF-VvQEo3ziHjsP4qI7NVU64xE1IPhX7fgPEbdY4rF7EgvFhhm6grdczUegrkwGqoGw0RLgm2uHCYcdgzTpgYRTnS2gU8qm_G3W5Ddf1LgTzKZbpXEoWk4Ofub0xRB-NqciAPU73OqFvEjhpxUdEGwSyWVPNu1sQxFF3rYfLyq6_Kr9Cf964153m5TSNaSLEnE8bAeOjVfJIXQBkQwg59er0-p5UYfuprBgEPviPBZwGNCao34PNfO0Jv9LntWsStQYTaIyZNKd6SyJe8z1y1RbWibxqCgrWFXiSAG9i0vaqQ_Tfwp33UP5l2y3rsfKWbsKasNPLhxc5BSV2pt-DIqC0VifhztMntqbz9NVnZGa5NJmNpkXh3yrNwgqUM_zmdcX21LLeM-HkGfQJ9wgJV1C39NNRosaVf68w9-5VfriOPw8gAUMcm-rd4_TbveXght8ky-Kc75RcAv-hQ-ZtLJ0MxMLqBzPuH0uMYEsDVCoU7hmrr4LMEAF4XxW4fZuLjY6KSPLrJTbBABg4JHQHW-s7J7jZ6wVZV7yVyLCCx1rKXKhL2weLkkm3M5-GjqPztKQaAxjF_bRmNiqrMaej5D_GEXkbvY7Qyd6flDaMLI5NxPDGIlFXIJMsTZ7UYbt00HHWYJwKCzd5BSwmVAWoKdLiOHoHqRkkHD6ZwhOjeKfDzlLxwZg-givGrYw9e7xYTLaqiGvatjGs-8hQGOuRNm7eIef7sYTZS5D7W7INW7yGFOgz1e2egWGNIYCYaahixVSeiiX1-bRrVn6gJijSr9Sz67AuhKaiATSQzPHFMe_8wibkkjZ4eEIWW_5WM7NTq4U8wxARZKOuieOczWTiOl_9DT38ItOX5uMDh54u8HstUkd7U6ygjGXiMEBxoAtbfUn8vbGQZfLlVd2bhwu0Kgdb5uv6Jnu_Z5e0FPT8y7xktg3SOtrTPd2Nm2t5QfR47x0L8wx0uyUybfJpwVLimLqWavdPWLgdcjV1iH-GvD5GfU7ULxcnX2HuNa8qohjK7aLXBOhIFpskZACF19nr3fvKW-qR8gxMxRa2VQdMTaIdzjCg8fIod2vG96U4YMEXEZYVeCz0tiKl7N2I1LcewYgOn8RHB7SudbhEOeShKUec7sRQOEbWk66MMdWNQfDnaWU6eupESj8Dy4GI-VmDmpTDXFDoZFFJaSk_-_HPhh52vlxE9fJCd-uo_uMokRVt8VWUN73zkQ05E5r140DN5LWMTwPqQpbjXLnruBVFA3DxAq2YkzzPELQ39-bdtjo2tjRh4dnbqNm-OM3BVUzfPD25cIRD6GY-4mgdqY4HhcAO59Mk_ZXH25I_2dF5X9WbFfudmKvPb_alTdQnGTFDPdB7dKXzV5h7ExJ6i3iH7y2dII4n5ytLdDDCzLRQGRTpK_fPsZg5q9xso7VCjoFAQDbxQQCKDOcxI3zoh8TV-yI34y6bGmFCAs6_GLfe8wbck3nuhYFmERAMEKJi7qB5Zsx5OSZhRAWWaJjPsKu8SDP2-muGcZAEjg0g_yS5XsXD39Kif3svOlSTzE2QFRJRsHbh1FBkm1AlaI8hadeTWQTtciJH-ZCf6kjYCfccLJ16m0Pdx8iiNTgp6bV7wROcU6S6tAGCTm1hpSZB4Xo2Wbqs9sVQyl-4BJfETm2BH0Q-on7HW-V9U0BfcnvOMe3mZfInmF7gwcrw8xX3G8gfDbTU1Sa7L3nhZhMPltrm9SsHMa3pf61h-mBFcf-5E9J5dPIAC2_v04_gT12obG2QsvXZpxKBQEHx4djH6-iOxsKwR0RI6JMKEG-MMzrADYz5zjBS3-fDeQCmSIaw__OkHNZ21bvM146ApjHEU78U3lnGTeZ1B1CdD2VIjSflGySfevN5_3d_nQjKEN3y0hB_S35QQHf8VF56urEqf3Ba-L5tfUS6IPvPBZKggFY8ZjOhAmSU5sUsc_Gi682TAMxgVcW64Y_KQDN6Qi5_TbKcchJC4VY-83x0LnA-bTNW2O9HT7aDIGDpv-LD0rxqUuBU9if3qlbXFwfvKRTu7JAe9RjOom15zYPi4pBXSeD0TzECrOzqpAesKJlV-tHJlp1KdDB0tAK0mw8C86desllM660izKlhvdleDfxQjB4pNby8CY9hcRve2W1OFVG32-E9TaSnLpi22_XrlSo2jKa0drqHMA-pdIi-mfHNes-mF8VWC-D7gInAVaVecyYzGZCNQmZZP-WLI_RxGnC51z4VzVoWdBO6oU0XCGRdLQyjZNgu5zTu7kA4A8EngHFLf9Y-YIudnwmVw7gefucIK3EOVf0pGouOcUzelszEPr5zzkJp4zFzAq7Dr91rAQBEx2kmxuab6uF31nn_Sd2bekkcOYSfC6rvBXS8KQnapvlx5zO9svglN4ieJSrgpjYTXlw3359jJgUPbM45TqK9ZztbM82NAejGl1XQz4MmeMK4Fc08ZdnK7xCRY0Dj_jkq5Wf74UvKN7JxP43FZRYjUR4R4FfHP_n1hwepP1wdKNYcmjcfZH_Uaq8K0nTtvGR3-dt3HG1IqKJD7j-itxAP8wmyW62o1tZ72edDU32GlUIBBJPAC8eF_-TgalCXVFDcN7N6VZtOFNzDMPvJ7f8XvFgs25H4BT-k0XwfrF9z9HnsJxGo-E9mYY5i9gbiUeXi6RS832Sf0V1gsxQKsHuOKdatRgBYAE&ias_xappb=
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
66.102.1.154 Las Vegas, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f154.1e100.net
Software
cafe /
Resource Hash
3cc26bbf7beb47b9f7a4b9dc243188c9bbdbe260225b4e31ad6c18dc2c9ce7bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26038
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
server
nginx
x-server-name
app15.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-CveTb4HALS97R_G6Dg4fdl8iowPcxjdD4fy4o-PdUoIDdtRWfNP7utTKzETqYByavJ2XxG7EnLKIywom1VqIC_m8FFxT1umBgdsnn6UkHLRhlYRC_ojqVL8pMhS9KvLJ7S-a7mDgRSuzAxx02V-jIWMan12ug7KxypuReI4NvAf-PXf8ISiRcAoCZ_4Nrloz5rYi7fVq7qZTzxKYic4a0wBFM9IqL0atxqz0_zg8IFDlvMxT2wjMCksPAVLqUdpfZWEO8h1MfnLfjSrd2tsO6C2bQvcDnJr5WcInGmR90YL324gTYwJc7tCCroOdm805nL1zqvXRU_Mp0s-GqvFUMlNSgafb5FRej7SYWQSZLxmGov712KClRKjISTU01zqSYvShL2pRR8fUHY1x0HmBc10jw9nKUULLjUiOmOpnrbDxwXHufd9VIKvdGwO0ib_IJsD_JL9aozJfb-Ti8uC9GeY-QZ8wFPYwBEf784ZruOvuvDHR0wTmauw2xvo_HyReLY0iDEPeHcE57F0kyEU4P43vfkmw4dxb_CbmCa6B09GbOPY00r9c3ArXVwteenXugMiKq5OVo5xM2Bu_LT59LNSgnja0RvnXXHLqBtS5LK7gLNjtQIqz5aNJknyXKvgHYnEF2TLpdFfjuVLjbWBBFfJQaU-PL1Baz4qYaYmKSYicJZCvSyWjEemWKBxOaquub4UnjxUSSHtHhqq7GTYWpzEbg3a23ry1lMYJ42hd122q-MA9_erzH2ufczRRYhM4QAqguQe7uDeCrprDO5U8q_IPuxZlSZFgGPDW8Va4M8TswzMqqGAv9JDhN8h4oNTJoKf3U3-0nk5KUAgvMLipYPXaM7Zj1fVjmBsztH1yH9WzER5n-tSNYIbsKD6fvKhlkqsrjj1oglb_6uGkztmUgNdZmdK-43sP5dfBO31h9nbFbXSjVtta2KH9JPvHsVsp5bO080qj7PRQY7xuZa6FuByO4Ddim5UizqFqsqXwKWITzpWLaUXkxASyKwD7Eo6X_8Bz74JNliWg19EnTJyEcRPsh48SphLYFbLncYUw67Tpl_XTz8unX-IRMvyoset8FZ7p4dPPQCt9x-BzaiYaFFkQM70kS2N68w5uzn0YL5aiP2zOqxRJiEOzmIre1zR3Y5mNwnBCLctgHQzq_xl9P47anAoDHzz8OcFn718_LjVWIH141hP8LOvObrI1-jMsrX6v47tFt6ea_YDYEt02sfKL-vs_3xTqYG1S817CI-oJ-o1c1KvRGLh-4q7uPqjzTqkTH7UB9p-UQ9g4MmvzAKZV4dMwxj22qVmDAnkXp6zsOgL14PsnUXM7v1JhhH578MnpLauLIUHkS_AAXXXNDSA1jsGPNeYrA6AE0JvFASRSWOsLldmSJPDrgpn8sTUJgBesC7hS-xKvNk-RofNkzkCKCrskRnN6DyEPdxE8bDhXqgnerh18hOpvfq3lhBxU6t0qiUEUl051Bxbh-cHAwiDiAXBohjlJSczxLo3vdoI_iDmIojaAAKiGfRul1D7kOHOQkEobMiouF-VvQEo3ziHjsP4qI7NVU64xE1IPhX7fgPEbdY4rF7EgvFhhm6grdczUegrkwGqoGw0RLgm2uHCYcdgzTpgYRTnS2gU8qm_G3W5Ddf1LgTzKZbpXEoWk4Ofub0xRB-NqciAPU73OqFvEjhpxUdEGwSyWVPNu1sQxFF3rYfLyq6_Kr9Cf964153m5TSNaSLEnE8bAeOjVfJIXQBkQwg59er0-p5UYfuprBgEPviPBZwGNCao34PNfO0Jv9LntWsStQYTaIyZNKd6SyJe8z1y1RbWibxqCgrWFXiSAG9i0vaqQ_Tfwp33UP5l2y3rsfKWbsKasNPLhxc5BSV2pt-DIqC0VifhztMntqbz9NVnZGa5NJmNpkXh3yrNwgqUM_zmdcX21LLeM-HkGfQJ9wgJV1C39NNRosaVf68w9-5VfriOPw8gAUMcm-rd4_TbveXght8ky-Kc75RcAv-hQ-ZtLJ0MxMLqBzPuH0uMYEsDVCoU7hmrr4LMEAF4XxW4fZuLjY6KSPLrJTbBABg4JHQHW-s7J7jZ6wVZV7yVyLCCx1rKXKhL2weLkkm3M5-GjqPztKQaAxjF_bRmNiqrMaej5D_GEXkbvY7Qyd6flDaMLI5NxPDGIlFXIJMsTZ7UYbt00HHWYJwKCzd5BSwmVAWoKdLiOHoHqRkkHD6ZwhOjeKfDzlLxwZg-givGrYw9e7xYTLaqiGvatjGs-8hQGOuRNm7eIef7sYTZS5D7W7INW7yGFOgz1e2egWGNIYCYaahixVSeiiX1-bRrVn6gJijSr9Sz67AuhKaiATSQzPHFMe_8wibkkjZ4eEIWW_5WM7NTq4U8wxARZKOuieOczWTiOl_9DT38ItOX5uMDh54u8HstUkd7U6ygjGXiMEBxoAtbfUn8vbGQZfLlVd2bhwu0Kgdb5uv6Jnu_Z5e0FPT8y7xktg3SOtrTPd2Nm2t5QfR47x0L8wx0uyUybfJpwVLimLqWavdPWLgdcjV1iH-GvD5GfU7ULxcnX2HuNa8qohjK7aLXBOhIFpskZACF19nr3fvKW-qR8gxMxRa2VQdMTaIdzjCg8fIod2vG96U4YMEXEZYVeCz0tiKl7N2I1LcewYgOn8RHB7SudbhEOeShKUec7sRQOEbWk66MMdWNQfDnaWU6eupESj8Dy4GI-VmDmpTDXFDoZFFJaSk_-_HPhh52vlxE9fJCd-uo_uMokRVt8VWUN73zkQ05E5r140DN5LWMTwPqQpbjXLnruBVFA3DxAq2YkzzPELQ39-bdtjo2tjRh4dnbqNm-OM3BVUzfPD25cIRD6GY-4mgdqY4HhcAO59Mk_ZXH25I_2dF5X9WbFfudmKvPb_alTdQnGTFDPdB7dKXzV5h7ExJ6i3iH7y2dII4n5ytLdDDCzLRQGRTpK_fPsZg5q9xso7VCjoFAQDbxQQCKDOcxI3zoh8TV-yI34y6bGmFCAs6_GLfe8wbck3nuhYFmERAMEKJi7qB5Zsx5OSZhRAWWaJjPsKu8SDP2-muGcZAEjg0g_yS5XsXD39Kif3svOlSTzE2QFRJRsHbh1FBkm1AlaI8hadeTWQTtciJH-ZCf6kjYCfccLJ16m0Pdx8iiNTgp6bV7wROcU6S6tAGCTm1hpSZB4Xo2Wbqs9sVQyl-4BJfETm2BH0Q-on7HW-V9U0BfcnvOMe3mZfInmF7gwcrw8xX3G8gfDbTU1Sa7L3nhZhMPltrm9SsHMa3pf61h-mBFcf-5E9J5dPIAC2_v04_gT12obG2QsvXZpxKBQEHx4djH6-iOxsKwR0RI6JMKEG-MMzrADYz5zjBS3-fDeQCmSIaw__OkHNZ21bvM146ApjHEU78U3lnGTeZ1B1CdD2VIjSflGySfevN5_3d_nQjKEN3y0hB_S35QQHf8VF56urEqf3Ba-L5tfUS6IPvPBZKggFY8ZjOhAmSU5sUsc_Gi682TAMxgVcW64Y_KQDN6Qi5_TbKcchJC4VY-83x0LnA-bTNW2O9HT7aDIGDpv-LD0rxqUuBU9if3qlbXFwfvKRTu7JAe9RjOom15zYPi4pBXSeD0TzECrOzqpAesKJlV-tHJlp1KdDB0tAK0mw8C86desllM660izKlhvdleDfxQjB4pNby8CY9hcRve2W1OFVG32-E9TaSnLpi22_XrlSo2jKa0drqHMA-pdIi-mfHNes-mF8VWC-D7gInAVaVecyYzGZCNQmZZP-WLI_RxGnC51z4VzVoWdBO6oU0XCGRdLQyjZNgu5zTu7kA4A8EngHFLf9Y-YIudnwmVw7gefucIK3EOVf0pGouOcUzelszEPr5zzkJp4zFzAq7Dr91rAQBEx2kmxuab6uF31nn_Sd2bekkcOYSfC6rvBXS8KQnapvlx5zO9svglN4ieJSrgpjYTXlw3359jJgUPbM45TqK9ZztbM82NAejGl1XQz4MmeMK4Fc08ZdnK7xCRY0Dj_jkq5Wf74UvKN7JxP43FZRYjUR4R4FfHP_n1hwepP1wdKNYcmjcfZH_Uaq8K0nTtvGR3-dt3HG1IqKJD7j-itxAP8wmyW62o1tZ72edDU32GlUIBBJPAC8eF_-TgalCXVFDcN7N6VZtOFNzDMPvJ7f8XvFgs25H4BT-k0XwfrF9z9HnsJxGo-E9mYY5i9gbiUeXi6RS832Sf0V1gsxQKsHuOKdatRgBYAE&ias_xappb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 1743 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:e000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 10:50:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 9f4aebedb96f04eed26848dbf2d55694.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
2265979
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
iP3kFlXZhqYGIc54bZQkyYyrJAUtNV06CqBy7TQ8ARaIQ_AXcsb9-A==
dt
dt.adsafeprotected.com/ Frame 5422 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=dcc17185-d318-4fed-4bef-e2516e11c71d&tv=%7Bc:2300fG,pingTime:-3,time:31,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:31,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B26~0%5D,as:%5B26~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u26PcVn+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1a31%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d1%7C1d2%7C1e*.1474271-76103297%7C1e1,idMap:1e*,rmeas:1,rend:0,renddet:IMG.us,siq:13%7D&br=c
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
server
nginx
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 5422 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=dcc17185-d318-4fed-4bef-e2516e11c71d&tv=%7Bc:2300fG,pingTime:-6,time:31,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:31,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B26~0%5D,as:%5B26~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u26PcVn+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1a31%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d1%7C1d2%7C1e*.1474271-76103297%7C1e1,idMap:1e*,rmeas:1,rend:0,renddet:IMG.us,siq:13%7D&tpiLookup=ao:colunadofla.com*&br=c
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 5422 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=dcc17185-d318-4fed-4bef-e2516e11c71d&tv=%7Bc:2300fK,pingTime:-2,time:35,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:330,beZ:331,mfA:333,cmA:334,inA:334,inZ:336,prA:336,prZ:339,si:342,poA:343,poZ:356,cmZ:356,mfZ:356,loA:361,loZ:362,ltA:365,ltZ:365%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:35,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B30~0%5D,as:%5B30~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u26PcEG+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C193%7C194%7C1a.1874223-77019481%7C1a1%7C1a2%7C1a31%7C1b.1350098-69352127%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d1%7C1d2%7C1e*.1474271-76103297%7C1e1,idMap:1e*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:13,sinceFw:22,readyFired:false%7D&br=c
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 96A7 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
428507
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 17:14:48 GMT
expires
Thu, 16 Jan 2025 17:14:48 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 96A7 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 10:08:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
22083
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 10:08:32 GMT
container.html
48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6F63 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://colunadofla.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:16:33 GMT
expires
Tue, 21 Jan 2025 16:16:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ca
tt-9964-3.seg.t.tailtarget.com/ 		75 B
112 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-9964-3.seg.t.tailtarget.com/ca?tZ=988332654
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
326f8c72e1d162d98847121057bf611395ba0b9e157affe05208c9acfaedac65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:35 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
css2
fonts.googleapis.com/ Frame 6F63 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 16:16:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 16:11:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jan 2024 16:16:35 GMT
css
fonts.googleapis.com/ Frame BB63 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 16:16:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 15:04:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jan 2024 16:16:35 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame BB63 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:29:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
78438
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:29:17 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame BB63 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 09:41:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
23681
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 09:41:54 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8D96 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2818
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 15:29:37 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame BB63 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 09:41:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
23710
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 09:41:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame BB63 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:29:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
78438
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:29:17 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame BB63 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 16:16:35 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame BB63 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 17:10:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
428752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 00:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 16 Apr 2024 17:10:43 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 6F63 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:45:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
77464
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9422
x-xss-protection
0
server
cafe
etag
10624764489894593518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:45:31 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6F63 		205 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 09:40:51 GMT
x-content-type-options
nosniff
age
455744
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 16 Jan 2025 09:40:51 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6F63 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 21:39:38 GMT
x-content-type-options
nosniff
age
326217
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 17 Jan 2025 21:39:38 GMT
csi
csi.gstatic.com/ Frame 2A88 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lrp4qv0y&c=7075895314372&slotId=3537947657186&eee=missing-element&bi=missing-id&vast_v=4.0&wta=1&vmfc=1&vhc=0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4004:802::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:36 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 5422 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 21:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 Jan 2024 21:44:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 5422 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1474271/76103297/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-CveTb4HALS97R_G6Dg4fdl8iowPcxjdD4fy4o-PdUoIDdtRWfNP7utTKzETqYByavJ2XxG7EnLKIywom1VqIC_m8FFxT1umBgdsnn6UkHLRhlYRC_ojqVL8pMhS9KvLJ7S-a7mDgRSuzAxx02V-jIWMan12ug7KxypuReI4NvAf-PXf8ISiRcAoCZ_4Nrloz5rYi7fVq7qZTzxKYic4a0wBFM9IqL0atxqz0_zg8IFDlvMxT2wjMCksPAVLqUdpfZWEO8h1MfnLfjSrd2tsO6C2bQvcDnJr5WcInGmR90YL324gTYwJc7tCCroOdm805nL1zqvXRU_Mp0s-GqvFUMlNSgafb5FRej7SYWQSZLxmGov712KClRKjISTU01zqSYvShL2pRR8fUHY1x0HmBc10jw9nKUULLjUiOmOpnrbDxwXHufd9VIKvdGwO0ib_IJsD_JL9aozJfb-Ti8uC9GeY-QZ8wFPYwBEf784ZruOvuvDHR0wTmauw2xvo_HyReLY0iDEPeHcE57F0kyEU4P43vfkmw4dxb_CbmCa6B09GbOPY00r9c3ArXVwteenXugMiKq5OVo5xM2Bu_LT59LNSgnja0RvnXXHLqBtS5LK7gLNjtQIqz5aNJknyXKvgHYnEF2TLpdFfjuVLjbWBBFfJQaU-PL1Baz4qYaYmKSYicJZCvSyWjEemWKBxOaquub4UnjxUSSHtHhqq7GTYWpzEbg3a23ry1lMYJ42hd122q-MA9_erzH2ufczRRYhM4QAqguQe7uDeCrprDO5U8q_IPuxZlSZFgGPDW8Va4M8TswzMqqGAv9JDhN8h4oNTJoKf3U3-0nk5KUAgvMLipYPXaM7Zj1fVjmBsztH1yH9WzER5n-tSNYIbsKD6fvKhlkqsrjj1oglb_6uGkztmUgNdZmdK-43sP5dfBO31h9nbFbXSjVtta2KH9JPvHsVsp5bO080qj7PRQY7xuZa6FuByO4Ddim5UizqFqsqXwKWITzpWLaUXkxASyKwD7Eo6X_8Bz74JNliWg19EnTJyEcRPsh48SphLYFbLncYUw67Tpl_XTz8unX-IRMvyoset8FZ7p4dPPQCt9x-BzaiYaFFkQM70kS2N68w5uzn0YL5aiP2zOqxRJiEOzmIre1zR3Y5mNwnBCLctgHQzq_xl9P47anAoDHzz8OcFn718_LjVWIH141hP8LOvObrI1-jMsrX6v47tFt6ea_YDYEt02sfKL-vs_3xTqYG1S817CI-oJ-o1c1KvRGLh-4q7uPqjzTqkTH7UB9p-UQ9g4MmvzAKZV4dMwxj22qVmDAnkXp6zsOgL14PsnUXM7v1JhhH578MnpLauLIUHkS_AAXXXNDSA1jsGPNeYrA6AE0JvFASRSWOsLldmSJPDrgpn8sTUJgBesC7hS-xKvNk-RofNkzkCKCrskRnN6DyEPdxE8bDhXqgnerh18hOpvfq3lhBxU6t0qiUEUl051Bxbh-cHAwiDiAXBohjlJSczxLo3vdoI_iDmIojaAAKiGfRul1D7kOHOQkEobMiouF-VvQEo3ziHjsP4qI7NVU64xE1IPhX7fgPEbdY4rF7EgvFhhm6grdczUegrkwGqoGw0RLgm2uHCYcdgzTpgYRTnS2gU8qm_G3W5Ddf1LgTzKZbpXEoWk4Ofub0xRB-NqciAPU73OqFvEjhpxUdEGwSyWVPNu1sQxFF3rYfLyq6_Kr9Cf964153m5TSNaSLEnE8bAeOjVfJIXQBkQwg59er0-p5UYfuprBgEPviPBZwGNCao34PNfO0Jv9LntWsStQYTaIyZNKd6SyJe8z1y1RbWibxqCgrWFXiSAG9i0vaqQ_Tfwp33UP5l2y3rsfKWbsKasNPLhxc5BSV2pt-DIqC0VifhztMntqbz9NVnZGa5NJmNpkXh3yrNwgqUM_zmdcX21LLeM-HkGfQJ9wgJV1C39NNRosaVf68w9-5VfriOPw8gAUMcm-rd4_TbveXght8ky-Kc75RcAv-hQ-ZtLJ0MxMLqBzPuH0uMYEsDVCoU7hmrr4LMEAF4XxW4fZuLjY6KSPLrJTbBABg4JHQHW-s7J7jZ6wVZV7yVyLCCx1rKXKhL2weLkkm3M5-GjqPztKQaAxjF_bRmNiqrMaej5D_GEXkbvY7Qyd6flDaMLI5NxPDGIlFXIJMsTZ7UYbt00HHWYJwKCzd5BSwmVAWoKdLiOHoHqRkkHD6ZwhOjeKfDzlLxwZg-givGrYw9e7xYTLaqiGvatjGs-8hQGOuRNm7eIef7sYTZS5D7W7INW7yGFOgz1e2egWGNIYCYaahixVSeiiX1-bRrVn6gJijSr9Sz67AuhKaiATSQzPHFMe_8wibkkjZ4eEIWW_5WM7NTq4U8wxARZKOuieOczWTiOl_9DT38ItOX5uMDh54u8HstUkd7U6ygjGXiMEBxoAtbfUn8vbGQZfLlVd2bhwu0Kgdb5uv6Jnu_Z5e0FPT8y7xktg3SOtrTPd2Nm2t5QfR47x0L8wx0uyUybfJpwVLimLqWavdPWLgdcjV1iH-GvD5GfU7ULxcnX2HuNa8qohjK7aLXBOhIFpskZACF19nr3fvKW-qR8gxMxRa2VQdMTaIdzjCg8fIod2vG96U4YMEXEZYVeCz0tiKl7N2I1LcewYgOn8RHB7SudbhEOeShKUec7sRQOEbWk66MMdWNQfDnaWU6eupESj8Dy4GI-VmDmpTDXFDoZFFJaSk_-_HPhh52vlxE9fJCd-uo_uMokRVt8VWUN73zkQ05E5r140DN5LWMTwPqQpbjXLnruBVFA3DxAq2YkzzPELQ39-bdtjo2tjRh4dnbqNm-OM3BVUzfPD25cIRD6GY-4mgdqY4HhcAO59Mk_ZXH25I_2dF5X9WbFfudmKvPb_alTdQnGTFDPdB7dKXzV5h7ExJ6i3iH7y2dII4n5ytLdDDCzLRQGRTpK_fPsZg5q9xso7VCjoFAQDbxQQCKDOcxI3zoh8TV-yI34y6bGmFCAs6_GLfe8wbck3nuhYFmERAMEKJi7qB5Zsx5OSZhRAWWaJjPsKu8SDP2-muGcZAEjg0g_yS5XsXD39Kif3svOlSTzE2QFRJRsHbh1FBkm1AlaI8hadeTWQTtciJH-ZCf6kjYCfccLJ16m0Pdx8iiNTgp6bV7wROcU6S6tAGCTm1hpSZB4Xo2Wbqs9sVQyl-4BJfETm2BH0Q-on7HW-V9U0BfcnvOMe3mZfInmF7gwcrw8xX3G8gfDbTU1Sa7L3nhZhMPltrm9SsHMa3pf61h-mBFcf-5E9J5dPIAC2_v04_gT12obG2QsvXZpxKBQEHx4djH6-iOxsKwR0RI6JMKEG-MMzrADYz5zjBS3-fDeQCmSIaw__OkHNZ21bvM146ApjHEU78U3lnGTeZ1B1CdD2VIjSflGySfevN5_3d_nQjKEN3y0hB_S35QQHf8VF56urEqf3Ba-L5tfUS6IPvPBZKggFY8ZjOhAmSU5sUsc_Gi682TAMxgVcW64Y_KQDN6Qi5_TbKcchJC4VY-83x0LnA-bTNW2O9HT7aDIGDpv-LD0rxqUuBU9if3qlbXFwfvKRTu7JAe9RjOom15zYPi4pBXSeD0TzECrOzqpAesKJlV-tHJlp1KdDB0tAK0mw8C86desllM660izKlhvdleDfxQjB4pNby8CY9hcRve2W1OFVG32-E9TaSnLpi22_XrlSo2jKa0drqHMA-pdIi-mfHNes-mF8VWC-D7gInAVaVecyYzGZCNQmZZP-WLI_RxGnC51z4VzVoWdBO6oU0XCGRdLQyjZNgu5zTu7kA4A8EngHFLf9Y-YIudnwmVw7gefucIK3EOVf0pGouOcUzelszEPr5zzkJp4zFzAq7Dr91rAQBEx2kmxuab6uF31nn_Sd2bekkcOYSfC6rvBXS8KQnapvlx5zO9svglN4ieJSrgpjYTXlw3359jJgUPbM45TqK9ZztbM82NAejGl1XQz4MmeMK4Fc08ZdnK7xCRY0Dj_jkq5Wf74UvKN7JxP43FZRYjUR4R4FfHP_n1hwepP1wdKNYcmjcfZH_Uaq8K0nTtvGR3-dt3HG1IqKJD7j-itxAP8wmyW62o1tZ72edDU32GlUIBBJPAC8eF_-TgalCXVFDcN7N6VZtOFNzDMPvJ7f8XvFgs25H4BT-k0XwfrF9z9HnsJxGo-E9mYY5i9gbiUeXi6RS832Sf0V1gsxQKsHuOKdatRgBYAE&bundleId=&ias_dspID=3&ias_campId=1012200182&ias_pubId=pub-8170966538152543&ias_chanId=1&ias_placementId=20123185343&bidurl=https://colunadofla.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gp_7qIEEu_j0mI7XzmWMmQ&adsafe_url=https%3A%2F%2Fcolunadofla.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fcolunadofla.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:dcc17185-d318-4fed-4bef-e2516e11c71d,c:2300fn,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7b546d5668-c5bhg,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:u26PcVn+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1a31%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d1%7C1d2%7C1e*.1474271-76103297%7C1e1,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:13,oid:9d13fe61-b941-11ee-bc35-02b2dab6601e,v:19.8.473,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
78386
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:30:09 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 5422 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1474271/76103297/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-CveTb4HALS97R_G6Dg4fdl8iowPcxjdD4fy4o-PdUoIDdtRWfNP7utTKzETqYByavJ2XxG7EnLKIywom1VqIC_m8FFxT1umBgdsnn6UkHLRhlYRC_ojqVL8pMhS9KvLJ7S-a7mDgRSuzAxx02V-jIWMan12ug7KxypuReI4NvAf-PXf8ISiRcAoCZ_4Nrloz5rYi7fVq7qZTzxKYic4a0wBFM9IqL0atxqz0_zg8IFDlvMxT2wjMCksPAVLqUdpfZWEO8h1MfnLfjSrd2tsO6C2bQvcDnJr5WcInGmR90YL324gTYwJc7tCCroOdm805nL1zqvXRU_Mp0s-GqvFUMlNSgafb5FRej7SYWQSZLxmGov712KClRKjISTU01zqSYvShL2pRR8fUHY1x0HmBc10jw9nKUULLjUiOmOpnrbDxwXHufd9VIKvdGwO0ib_IJsD_JL9aozJfb-Ti8uC9GeY-QZ8wFPYwBEf784ZruOvuvDHR0wTmauw2xvo_HyReLY0iDEPeHcE57F0kyEU4P43vfkmw4dxb_CbmCa6B09GbOPY00r9c3ArXVwteenXugMiKq5OVo5xM2Bu_LT59LNSgnja0RvnXXHLqBtS5LK7gLNjtQIqz5aNJknyXKvgHYnEF2TLpdFfjuVLjbWBBFfJQaU-PL1Baz4qYaYmKSYicJZCvSyWjEemWKBxOaquub4UnjxUSSHtHhqq7GTYWpzEbg3a23ry1lMYJ42hd122q-MA9_erzH2ufczRRYhM4QAqguQe7uDeCrprDO5U8q_IPuxZlSZFgGPDW8Va4M8TswzMqqGAv9JDhN8h4oNTJoKf3U3-0nk5KUAgvMLipYPXaM7Zj1fVjmBsztH1yH9WzER5n-tSNYIbsKD6fvKhlkqsrjj1oglb_6uGkztmUgNdZmdK-43sP5dfBO31h9nbFbXSjVtta2KH9JPvHsVsp5bO080qj7PRQY7xuZa6FuByO4Ddim5UizqFqsqXwKWITzpWLaUXkxASyKwD7Eo6X_8Bz74JNliWg19EnTJyEcRPsh48SphLYFbLncYUw67Tpl_XTz8unX-IRMvyoset8FZ7p4dPPQCt9x-BzaiYaFFkQM70kS2N68w5uzn0YL5aiP2zOqxRJiEOzmIre1zR3Y5mNwnBCLctgHQzq_xl9P47anAoDHzz8OcFn718_LjVWIH141hP8LOvObrI1-jMsrX6v47tFt6ea_YDYEt02sfKL-vs_3xTqYG1S817CI-oJ-o1c1KvRGLh-4q7uPqjzTqkTH7UB9p-UQ9g4MmvzAKZV4dMwxj22qVmDAnkXp6zsOgL14PsnUXM7v1JhhH578MnpLauLIUHkS_AAXXXNDSA1jsGPNeYrA6AE0JvFASRSWOsLldmSJPDrgpn8sTUJgBesC7hS-xKvNk-RofNkzkCKCrskRnN6DyEPdxE8bDhXqgnerh18hOpvfq3lhBxU6t0qiUEUl051Bxbh-cHAwiDiAXBohjlJSczxLo3vdoI_iDmIojaAAKiGfRul1D7kOHOQkEobMiouF-VvQEo3ziHjsP4qI7NVU64xE1IPhX7fgPEbdY4rF7EgvFhhm6grdczUegrkwGqoGw0RLgm2uHCYcdgzTpgYRTnS2gU8qm_G3W5Ddf1LgTzKZbpXEoWk4Ofub0xRB-NqciAPU73OqFvEjhpxUdEGwSyWVPNu1sQxFF3rYfLyq6_Kr9Cf964153m5TSNaSLEnE8bAeOjVfJIXQBkQwg59er0-p5UYfuprBgEPviPBZwGNCao34PNfO0Jv9LntWsStQYTaIyZNKd6SyJe8z1y1RbWibxqCgrWFXiSAG9i0vaqQ_Tfwp33UP5l2y3rsfKWbsKasNPLhxc5BSV2pt-DIqC0VifhztMntqbz9NVnZGa5NJmNpkXh3yrNwgqUM_zmdcX21LLeM-HkGfQJ9wgJV1C39NNRosaVf68w9-5VfriOPw8gAUMcm-rd4_TbveXght8ky-Kc75RcAv-hQ-ZtLJ0MxMLqBzPuH0uMYEsDVCoU7hmrr4LMEAF4XxW4fZuLjY6KSPLrJTbBABg4JHQHW-s7J7jZ6wVZV7yVyLCCx1rKXKhL2weLkkm3M5-GjqPztKQaAxjF_bRmNiqrMaej5D_GEXkbvY7Qyd6flDaMLI5NxPDGIlFXIJMsTZ7UYbt00HHWYJwKCzd5BSwmVAWoKdLiOHoHqRkkHD6ZwhOjeKfDzlLxwZg-givGrYw9e7xYTLaqiGvatjGs-8hQGOuRNm7eIef7sYTZS5D7W7INW7yGFOgz1e2egWGNIYCYaahixVSeiiX1-bRrVn6gJijSr9Sz67AuhKaiATSQzPHFMe_8wibkkjZ4eEIWW_5WM7NTq4U8wxARZKOuieOczWTiOl_9DT38ItOX5uMDh54u8HstUkd7U6ygjGXiMEBxoAtbfUn8vbGQZfLlVd2bhwu0Kgdb5uv6Jnu_Z5e0FPT8y7xktg3SOtrTPd2Nm2t5QfR47x0L8wx0uyUybfJpwVLimLqWavdPWLgdcjV1iH-GvD5GfU7ULxcnX2HuNa8qohjK7aLXBOhIFpskZACF19nr3fvKW-qR8gxMxRa2VQdMTaIdzjCg8fIod2vG96U4YMEXEZYVeCz0tiKl7N2I1LcewYgOn8RHB7SudbhEOeShKUec7sRQOEbWk66MMdWNQfDnaWU6eupESj8Dy4GI-VmDmpTDXFDoZFFJaSk_-_HPhh52vlxE9fJCd-uo_uMokRVt8VWUN73zkQ05E5r140DN5LWMTwPqQpbjXLnruBVFA3DxAq2YkzzPELQ39-bdtjo2tjRh4dnbqNm-OM3BVUzfPD25cIRD6GY-4mgdqY4HhcAO59Mk_ZXH25I_2dF5X9WbFfudmKvPb_alTdQnGTFDPdB7dKXzV5h7ExJ6i3iH7y2dII4n5ytLdDDCzLRQGRTpK_fPsZg5q9xso7VCjoFAQDbxQQCKDOcxI3zoh8TV-yI34y6bGmFCAs6_GLfe8wbck3nuhYFmERAMEKJi7qB5Zsx5OSZhRAWWaJjPsKu8SDP2-muGcZAEjg0g_yS5XsXD39Kif3svOlSTzE2QFRJRsHbh1FBkm1AlaI8hadeTWQTtciJH-ZCf6kjYCfccLJ16m0Pdx8iiNTgp6bV7wROcU6S6tAGCTm1hpSZB4Xo2Wbqs9sVQyl-4BJfETm2BH0Q-on7HW-V9U0BfcnvOMe3mZfInmF7gwcrw8xX3G8gfDbTU1Sa7L3nhZhMPltrm9SsHMa3pf61h-mBFcf-5E9J5dPIAC2_v04_gT12obG2QsvXZpxKBQEHx4djH6-iOxsKwR0RI6JMKEG-MMzrADYz5zjBS3-fDeQCmSIaw__OkHNZ21bvM146ApjHEU78U3lnGTeZ1B1CdD2VIjSflGySfevN5_3d_nQjKEN3y0hB_S35QQHf8VF56urEqf3Ba-L5tfUS6IPvPBZKggFY8ZjOhAmSU5sUsc_Gi682TAMxgVcW64Y_KQDN6Qi5_TbKcchJC4VY-83x0LnA-bTNW2O9HT7aDIGDpv-LD0rxqUuBU9if3qlbXFwfvKRTu7JAe9RjOom15zYPi4pBXSeD0TzECrOzqpAesKJlV-tHJlp1KdDB0tAK0mw8C86desllM660izKlhvdleDfxQjB4pNby8CY9hcRve2W1OFVG32-E9TaSnLpi22_XrlSo2jKa0drqHMA-pdIi-mfHNes-mF8VWC-D7gInAVaVecyYzGZCNQmZZP-WLI_RxGnC51z4VzVoWdBO6oU0XCGRdLQyjZNgu5zTu7kA4A8EngHFLf9Y-YIudnwmVw7gefucIK3EOVf0pGouOcUzelszEPr5zzkJp4zFzAq7Dr91rAQBEx2kmxuab6uF31nn_Sd2bekkcOYSfC6rvBXS8KQnapvlx5zO9svglN4ieJSrgpjYTXlw3359jJgUPbM45TqK9ZztbM82NAejGl1XQz4MmeMK4Fc08ZdnK7xCRY0Dj_jkq5Wf74UvKN7JxP43FZRYjUR4R4FfHP_n1hwepP1wdKNYcmjcfZH_Uaq8K0nTtvGR3-dt3HG1IqKJD7j-itxAP8wmyW62o1tZ72edDU32GlUIBBJPAC8eF_-TgalCXVFDcN7N6VZtOFNzDMPvJ7f8XvFgs25H4BT-k0XwfrF9z9HnsJxGo-E9mYY5i9gbiUeXi6RS832Sf0V1gsxQKsHuOKdatRgBYAE&bundleId=&ias_dspID=3&ias_campId=1012200182&ias_pubId=pub-8170966538152543&ias_chanId=1&ias_placementId=20123185343&bidurl=https://colunadofla.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gp_7qIEEu_j0mI7XzmWMmQ&adsafe_url=https%3A%2F%2Fcolunadofla.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fcolunadofla.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:dcc17185-d318-4fed-4bef-e2516e11c71d,c:2300fn,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7b546d5668-c5bhg,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:u26PcVn+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1a31%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d1%7C1d2%7C1e*.1474271-76103297%7C1e1,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:13,oid:9d13fe61-b941-11ee-bc35-02b2dab6601e,v:19.8.473,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
78386
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:30:09 GMT
csi
csi.gstatic.com/ Frame 2A88 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lrp4qviq&c=7075895314372&slotId=3537947657186&qqid=CM356Lqy8YMDFcEuVQgdKeIHsg&gqid=45SuZai_E__41PIPoty9wAE&fb=ima_html5-lima&sdkv=h.3.613.0&ppt=google%2Fcodepen-demo-&ppv=1.0.0&mrd=4&aab=1&itv=1&ghmsh_eids=44754608%2C44772139%2C44777649%2C44781409%2C44804291%2C44809548
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4004:802::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:36 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader21.html
tpc.googlesyndication.com/pagead/js/ Frame 81BD 		52 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/loader21.html?https://libs.outbrain.com/video/vpaid/vpaid.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
789c309db6cd9d6d31cbe19ae0adf1ceb07fc8b4f485f45bf3e444dd0de457ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
78509
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
18189
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 18:28:06 GMT
etag
7287664291636797308
expires
Mon, 22 Jan 2024 18:28:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2A88 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CiSzc45SuZY38FcHd1PIPqcSfkAupjsflcuDWzamNEsCNtwEQASAAYJWqs4LAB4IBHWNhLXZpZGVvLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEF4AIAqAMBmAQAqgSgAk_QrLZrbWpJkjHDvR0waejsxaK9_H0yG_58g3LnAlvax-lKhFGJM1N5e1HeGA-1ZMy6yQWoeftgRYQooQYoCn3MTHTSDrQO4h5vpkl_WQdkhhLgDDOih8O4GWIuDGKPNTaSjTI2ZHwKNLBx02RvFKVu78kxAP4klLgPakUWJ77JQSQziKaUHp9lpLUWR76SQNhtfdDsz5ks4nj7_q74_sLO7PKj9M_9dpTO4NpCgLda_zbR8eacZ2-V39V-nYtf_PY31BUOEsIqoEIJktAGyPqs5_WN99gRrinJvrqHrjVDGUy_h0GFvAgS3W6qZkRzLbms64_cylUU00t_cQEEApwVoE7NmSNlqR1-74OHK85ixPqnexHdEeNFo10u9-Z8vOAEAYAGj_2K-qPj1a9WoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIH05rqy8YMD-gsCCAGADAHiDRMIuLrnurLxgwMVwS5VCB0p4gey0BUBgBcB&sigh=0tSNIJZcia4&label=video_ad_loaded&sdkv=h.3.613.0&vci=[CREATIVE_PLAYBACK]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2A88 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CiSzc45SuZY38FcHd1PIPqcSfkAupjsflcuDWzamNEsCNtwEQASAAYJWqs4LAB4IBHWNhLXZpZGVvLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEF4AIAqAMBmAQAqgSgAk_QrLZrbWpJkjHDvR0waejsxaK9_H0yG_58g3LnAlvax-lKhFGJM1N5e1HeGA-1ZMy6yQWoeftgRYQooQYoCn3MTHTSDrQO4h5vpkl_WQdkhhLgDDOih8O4GWIuDGKPNTaSjTI2ZHwKNLBx02RvFKVu78kxAP4klLgPakUWJ77JQSQziKaUHp9lpLUWR76SQNhtfdDsz5ks4nj7_q74_sLO7PKj9M_9dpTO4NpCgLda_zbR8eacZ2-V39V-nYtf_PY31BUOEsIqoEIJktAGyPqs5_WN99gRrinJvrqHrjVDGUy_h0GFvAgS3W6qZkRzLbms64_cylUU00t_cQEEApwVoE7NmSNlqR1-74OHK85ixPqnexHdEeNFo10u9-Z8vOAEAYAGj_2K-qPj1a9WoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIH05rqy8YMD-gsCCAGADAHiDRMIuLrnurLxgwMVwS5VCB0p4gey0BUBgBcB&sigh=0tSNIJZcia4&label=show_ad&sdkv=h.3.613.0&vci=CmIIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKhM2MjIzNzg4OTgwMjkxNDE5NzkxQMEEUh0lAAAgQSgBOgd1bmtub3duQgd1bmtub3duUABgAhgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 2A88 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CddYd45SuZY38FcHd1PIPqcSfkAupjsflcuDWzamNEsCNtwEQASAAYJWqs4LAB4IBHWNhLXZpZGVvLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEF4AIAqAMBmAQAqgSdAk_QrLZrbWpJkjHDvR0waejsxaK9_H0yG_58g3LnAlvax-lKhFGJM1N5e1HeGA-1ZMy6yQWoeftgRYQooQYoCn3MTHTSDrQO4h5vpkl_WQdkhhLgDDOih8O4GWIuDGKPNTaSjTI2ZHwKNLBx02RvFKVu78kxAP4klLgPakUWJ77JQSQziKaUHp9lpLUWR76SQNhtfdDsz5ks4nj7_q74_sLO7PKj9M_9dpTO4NpCgLda_zbR8eacZ2-V39V-nYtf_PY31BUOEsIqoEIJktAGyPqs5_WN99gRrinJvrqHrjVDGUy_h0GFvAgS3W6qZkRzLbms64_cylVW0WrtzM_fZGPO7rkor-OojDl0a4qpM1mDOcxnvLDwPfv6SJ5ICOAEAYAGj_2K-qPj1a9WoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIH05rqy8YMDgAoD-gsCCAGADAHiDRMIuLrnurLxgwMVwS5VCB0p4gey0BUBgBcBshccChoSFHB1Yi04MTcwOTY2NTM4MTUyNTQzGJHzbA&sigh=FquEc3GD-DA&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&cid=CAQSOwAvHhf_cG2cW2tb2SecBLuqNqeeo8w5RSRUlbciZwnlzClPjQjPYe2EopIRrFHrrU1u_-VUQxvgGVSUGAE&vt=10&sdkv=h.3.613.0&vci=CmIIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKhM2MjIzNzg4OTgwMjkxNDE5NzkxQMEEUh0lAAAgQSgBOgd1bmtub3duQgd1bmtub3duUABgAhgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
truncated
/ Frame 5422 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bca2ddde06415cc02b37a7ed1844370dc9c1f9846b98b093bf3ec65094651cd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8D96
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:16:35 GMT
expires
Mon, 22 Jan 2024 16:16:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:16:35 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
pagead2.googlesyndication.com/bg/ Frame F1DA 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:17:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
482372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19704
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 02:17:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 96A7 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bzdwr45SuZZzZI4rA9u8PpNKp6AYAAAAAOAHgBAI&bg=!6Oul66TNAAa8BdJLnAU7ADQBe5WfOG3fbOdYfjqHM9A4jKCREVpDWQ8bisbkYBU71nyUiTTuF4VTeY82vU7DpkgmJCwtAgAAAHlSAAAAA2gBBwoAGe5BJmUkwXt18nGu3MTsm72ACrxMrVnp8wuZAxCmfjvpeea8R3O7KzXhkCh5hXwDdu8BTQB63SyqSyftfrt9yb-WcLimqB4nw1iXsJ03uJFZxew4LYdlymlLYCyFhWAIOQlLYheXz5XKQlUoLzPLxsrruOls27yBAO_yCkDP9yGX6thM0q8TYC4UIPJes0LITmTPZcvWeJF9o75YM6tbiwsJiDuwpEzSpCathXZY30_bHAvlydd8INJapSeHCiTKxqaKpIYpxBq3mZvB7JVN3pIlfUx4eC3y0Y7Q4iFb57VbGWYucdaub7B-m-RaWJ5tAYjXh4yJIBXagUf_dYY5DEk0I9bcf2XG5dqiI5PGMiMAQUnhHGSJt22NCRMEEIp9R8-BGxy0OwF72VTwblxSJo8rTO0hZ-Piuq2ppGx4iC8PE7DxXVkXVKXDOvlwirLF2shYhffznI9pmFABlx75vwIa6QcA1zeqa3lYFBNM9Ql5NWrz8Wn8cC_PE0eAAaStf2YZIZ5PmmGn6mqlxSXSoPBn39jJ6MwSF-N4FUkSsXhgSmwbNwg0u6hZdMieSAdvJK5Q6hrtVN89GsMt6O4Bs4juN_V8o5wRd_M081n-KaLDVZth43IPW9exsxg73cH6BrAkp8CTmF3r8OGVpu7FRlavSJbWbu8IUmuOgT0FCeunEPJKsb0BroDpSQPJVAbeGtUNCGSQncwtmZTeWC9C_Ue2aVVjCFlMjaiNzq4OTFLExHr0WrizBtYZJlNPyUh1bbud8JYh-VaUSmCOhhyXfqysiEV90Qw0eOcZbNL13uqR9DiOCpNi-NafOp2Ufye0cticOmzN-V97Rp5YcABWhNVLK0xa_DtafDdXO2_EYHKVDrlkaUouW0kbUEgY2sXs91zeVhfz-kTCkEQx1utqLGVDPw0P3HgTnFiSvreDvMxspyz4Y2XRg3eMl79l4p-3LazK45QMLkYY9zX3MVgljvGbNyT3O42mtMHa4MPjGmMuM5AB2K5wWa_r_NnGYlH9eyBiOTFnpTM8mumkr2ClQljwhab4ycyib6wtq5pNitUaWFxv1fe7VhGRiThl
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E7D8 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7607142219100&version=m202309260101&ct=76&x=1&cor=797242510757915000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tr
www.facebook.com/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=1992888384353851&ev=Tail&cd[custom_audience]=CA15771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 22 Jan 2024 16:16:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
doubleclick
cm.t.tailtarget.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430
  • https://cm.t.tailtarget.com/doubleclick?google_gid=CAESECzx4GxJdq6slsNhk3duKrA&google_cver=1&google_ula=862479430,0
70 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESECzx4GxJdq6slsNhk3duKrA&google_cver=1&google_ula=862479430,0
Protocol
H2
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:36 GMT
via
1.1 google
server
nginx/1.17.8
content-type
image/png
cache-control
no-cache
content-disposition
inline
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESECzx4GxJdq6slsNhk3duKrA&google_cver=1&google_ula=862479430,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
320
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/9304040020665618056/EMEA-DEU_XA-09_0_970x90_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/ Frame F715 		254 KB
163 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9304040020665618056/EMEA-DEU_XA-09_0_970x90_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5da40f0910849e4b559b2e56fdf8ca275f4166a8d07f305eb2e4a2789eaba8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
471073
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
166503
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 05:25:23 GMT
expires
Thu, 16 Jan 2025 05:25:23 GMT
last-modified
Tue, 09 May 2023 05:44:51 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 5422 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsv_FenMNsPnQ7wbOAfHJiTT8El7s_QEsZgZcx3yLXGyDCyPirg8EyGPz4u-f3AkKL4yeHHBKBrY-bZ0JvDfuzKsz_r3WThB17JSM898HvePVUnjXsUV2i9ZZFgS-bvD9p7F_3OqXxh8gqFRHoXqsI9d5tevaquuFsuVggPqogItoTCfW4rzt4uBQ5Erk2ucDrDkxlpoAkap2viHrngcPfELQLj0P4nnAQ&sai=AMfl-YSpDnn7x0JqwScS6CssiE1rDsCWkrtf9dhXP2iq0U0cd1U2ph75ZmJI2JKXnnJKWw-6yqTmUQt9ijKcELdSmbkrQJrYe24sQ9LNDm6axQu6Ivp11_ZGCLgjqJs6tKQpbRy1oLjYpw8ymrhk1xojT05H8qs&sig=Cg0ArKJSzLTI6tPJYJZwEAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9jaXNjby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=95&cbvp=1&cstd=94&cisv=r20240118.22039&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
__tt.gif
t.tailtarget.com/ 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-9964-3&tE=1&tI=&tJ=CA15795,CA15771&tQ=r7-cas-alimentacaosaudavel,r7-cas-int-em-livros,r7-visao-geral&tU=0100007FE194AE65B3066F1D02635A07&tX=b.52&tY=1&tZ=432619234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:36 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
vpaid.js
libs.outbrain.com/video/vpaid/ Frame 81BD 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libs.outbrain.com/video/vpaid/vpaid.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/loader21.html?https://libs.outbrain.com/video/vpaid/vpaid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
570e5935bf2d1e5866883b714d5a35073a1b21104ee0d6baaa2dae59fbc8eb83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:36 GMT
content-encoding
gzip
last-modified
Sun, 24 Dec 2023 14:08:19 GMT
server
AkamaiNetStorage
etag
"d5f0f24ac1cfe0752262d337cd483dea:1704878923.550006"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
4441
expires
Mon, 22 Jan 2024 20:16:36 GMT
truncated
/ Frame F715 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
truncated
/ Frame F715 		71 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0dfe1f9ce8410e9cd1eb921153319aa98dd53d12a6e4fb0efca81ab345bda814

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
view
ad.doubleclick.net/pcs/ Frame 5422 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsv_FenMNsPnQ7wbOAfHJiTT8El7s_QEsZgZcx3yLXGyDCyPirg8EyGPz4u-f3AkKL4yeHHBKBrY-bZ0JvDfuzKsz_r3WThB17JSM898HvePVUnjXsUV2i9ZZFgS-bvD9p7F_3OqXxh8gqFRHoXqsI9d5tevaquuFsuVggPqogItoTCfW4rzt4uBQ5Erk2ucDrDkxlpoAkap2viHrngcPfELQLj0P4nnAQ&sai=AMfl-YSpDnn7x0JqwScS6CssiE1rDsCWkrtf9dhXP2iq0U0cd1U2ph75ZmJI2JKXnnJKWw-6yqTmUQt9ijKcELdSmbkrQJrYe24sQ9LNDm6axQu6Ivp11_ZGCLgjqJs6tKQpbRy1oLjYpw8ymrhk1xojT05H8qs&sig=Cg0ArKJSzLTI6tPJYJZwEAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9jaXNjby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=173&vt=11&dtpt=78&dett=3&cstd=94&cisv=r20240118.22039&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame B57D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6ELNVEDSTeG9L0c6KwyA05uKMvHhNzr3BNmYtFxQXVm83KKpV5FdZHGIcfrJB4_c15EwpS8PI2LOSvPCudujVL2FqBcHWhSFluyZOmyJeu6xXCcSAx1ttn_pqZW5TNSwfMA40HPCpHXlC8W3zw2SOu-4q&sai=AMfl-YR6iTQa_xbtMwYVoUMqzx9DgyaYvY2AQP984zEw7TWtgjs8h8jyyTJbHjsTRWkebadB9a_5j76c8n0D3-bTgewuUpK_6EquEGkb7y37B6qeuUfAAat5THrf07K-NzoLiC0jbn9pFNXO8ah9jx3H&sig=Cg0ArKJSzJ8GXTP56SQjEAE&cid=CAQSTgAvHhf_F10R54y21wfYu6RZfrDdnIUkkxXM8rtQhBhHjsL3o8bzwpBcu4DoLwQiAYlac50OxFiVwJs5rTFIMqKokKo99aQ76rNkXrI54hgB&id=lidar2&mcvt=1022&p=1054,1055,1304,1355&mtos=0,0,1022,1022,1022&tos=0,0,1022,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=0.58&if=1&vu=1&app=0&itpl=20&adk=4175623573&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705940194821&rpt=222&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
LogoLockup_Vert_RGB_white.png
s0.2mdn.net/sadbundle/9304040020665618056/EMEA-DEU_XA-09_0_970x90_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/ Frame F715 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9304040020665618056/EMEA-DEU_XA-09_0_970x90_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/LogoLockup_Vert_RGB_white.png?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2501e8e02f5d1fd15ffff691da384eec93ce81cdfacec12a8c41459b660bf0a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9304040020665618056/EMEA-DEU_XA-09_0_970x90_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 19:30:45 GMT
date
Tue, 16 Jan 2024 19:30:45 GMT
x-content-type-options
nosniff
age
506751
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1849
x-xss-protection
0
last-modified
Tue, 09 May 2023 05:44:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
TI-Networking-and-Security-Convergence-Overview.jpeg
s0.2mdn.net/sadbundle/9304040020665618056/EMEA-DEU_XA-09_0_970x90_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/ Frame F715 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9304040020665618056/EMEA-DEU_XA-09_0_970x90_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/TI-Networking-and-Security-Convergence-Overview.jpeg?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73d6eee425442ce00ca80b2b5bd22b41b44a274432e464fbd99ef57341a19e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9304040020665618056/EMEA-DEU_XA-09_0_970x90_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 17 Jan 2025 18:15:09 GMT
date
Thu, 18 Jan 2024 18:15:09 GMT
x-content-type-options
nosniff
age
338487
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50775
x-xss-protection
0
last-modified
Tue, 09 May 2023 05:44:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
432.bundle.js
libs.outbrain.com/video/vpaid/ Frame 81BD 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libs.outbrain.com/video/vpaid/432.bundle.js
Requested by
Host: libs.outbrain.com
URL: https://libs.outbrain.com/video/vpaid/vpaid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
69df3b7920cf9a280f919e25f02cbb0990ab56e89f4aa42340ef11ec44da7288

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:36 GMT
content-encoding
gzip
last-modified
Sun, 24 Dec 2023 14:08:19 GMT
server
AkamaiNetStorage
etag
"fb5952d029e6660f3fcdf7a23b9d3a32:1704878920.701451"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
3081
expires
Mon, 22 Jan 2024 20:16:36 GMT
LogoLockup_Vert_RGB_white.png
s0.2mdn.net/sadbundle/9304040020665618056/EMEA-DEU_XA-09_0_970x90_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/ Frame F715 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9304040020665618056/EMEA-DEU_XA-09_0_970x90_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/LogoLockup_Vert_RGB_white.png?
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9304040020665618056/EMEA-DEU_XA-09_0_970x90_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2501e8e02f5d1fd15ffff691da384eec93ce81cdfacec12a8c41459b660bf0a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9304040020665618056/EMEA-DEU_XA-09_0_970x90_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 19:30:45 GMT
date
Tue, 16 Jan 2024 19:30:45 GMT
x-content-type-options
nosniff
age
506751
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1849
x-xss-protection
0
last-modified
Tue, 09 May 2023 05:44:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
TI-Networking-and-Security-Convergence-Overview.jpeg
s0.2mdn.net/sadbundle/9304040020665618056/EMEA-DEU_XA-09_0_970x90_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/ Frame F715 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9304040020665618056/EMEA-DEU_XA-09_0_970x90_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/TI-Networking-and-Security-Convergence-Overview.jpeg?
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9304040020665618056/EMEA-DEU_XA-09_0_970x90_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73d6eee425442ce00ca80b2b5bd22b41b44a274432e464fbd99ef57341a19e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9304040020665618056/EMEA-DEU_XA-09_0_970x90_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 17 Jan 2025 18:15:09 GMT
date
Thu, 18 Jan 2024 18:15:09 GMT
x-content-type-options
nosniff
age
338487
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50775
x-xss-protection
0
last-modified
Tue, 09 May 2023 05:44:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
7b8bdc9edda018e6c359cd21dc5f3402c4.jpg
zem.outbrainimg.com/p/srv/sha/c6/78/82/ Frame 81BD 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/c6/78/82/7b8bdc9edda018e6c359cd21dc5f3402c4.jpg?w=320&h=180&fit=crop&crop=optimized&q=45&fm=jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
b6551ab75532088f09dd823ef9fde257cf73bddb82166326f97fbbcbf438deac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:36 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
1104995
x-cache
HIT, MISS, HIT
x-imgix-id
ddff3ae4e4caf17351b360ff2272cfe97b5217be
cross-origin-resource-policy
cross-origin
content-length
14017
x-served-by
cache-sjc10035-SJC, cache-fra-eddf8230114-FRA, cache-fra-etou8220117-FRA
x-imgix-render-farm
01.140328
last-modified
Tue, 09 Jan 2024 21:20:01 GMT
server
imgix
x-timer
S1705940196.245177,VS0,VE2
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 81BD 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 21 Feb 2024 16:16:36 GMT
date
Mon, 22 Jan 2024 16:16:36 GMT
last-modified
Tue, 05 Dec 2023 07:28:21 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1701762077.100249"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2A88 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CiSzc45SuZY38FcHd1PIPqcSfkAupjsflcuDWzamNEsCNtwEQASAAYJWqs4LAB4IBHWNhLXZpZGVvLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEF4AIAqAMBmAQAqgSgAk_QrLZrbWpJkjHDvR0waejsxaK9_H0yG_58g3LnAlvax-lKhFGJM1N5e1HeGA-1ZMy6yQWoeftgRYQooQYoCn3MTHTSDrQO4h5vpkl_WQdkhhLgDDOih8O4GWIuDGKPNTaSjTI2ZHwKNLBx02RvFKVu78kxAP4klLgPakUWJ77JQSQziKaUHp9lpLUWR76SQNhtfdDsz5ks4nj7_q74_sLO7PKj9M_9dpTO4NpCgLda_zbR8eacZ2-V39V-nYtf_PY31BUOEsIqoEIJktAGyPqs5_WN99gRrinJvrqHrjVDGUy_h0GFvAgS3W6qZkRzLbms64_cylUU00t_cQEEApwVoE7NmSNlqR1-74OHK85ixPqnexHdEeNFo10u9-Z8vOAEAYAGj_2K-qPj1a9WoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIH05rqy8YMD-gsCCAGADAHiDRMIuLrnurLxgwMVwS5VCB0p4gey0BUBgBcB&sigh=0tSNIJZcia4&label=vast_creativeview&ad_mt=0&sdkv=h.3.613.0&vci=CosBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoLQWRTZW5zZS9BZFggBCoTNjIyMzc4ODk4MDI5MTQxOTc5MUDBBFIiEAQlAAAgQSgBOgd1bmtub3duQgd1bmtub3duSPcBUABgAloiZG91YmxlY2xpY2tieWdvb2dsZS5jb20tb21pZC12aWRlbxgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
b1t-eudc1.zemanta.com/t/video/start/S5X5ZPWQJEWLXQXWO376MD7XHY53UNQVDRN2VBMELMPYZH3BILSR4A73GIYTASXNW5FZWL2LP4U7LASSKOVBI3K27XA4GW7XBMYZPY4MF27OQKHD3NWT6MMHHVMLQJLPN2HNCHB75ODDQBAIX56NNXVTS3W6PXSGT... Frame 2A88 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-eudc1.zemanta.com/t/video/start/S5X5ZPWQJEWLXQXWO376MD7XHY53UNQVDRN2VBMELMPYZH3BILSR4A73GIYTASXNW5FZWL2LP4U7LASSKOVBI3K27XA4GW7XBMYZPY4MF27OQKHD3NWT6MMHHVMLQJLPN2HNCHB75ODDQBAIX56NNXVTS3W6PXSGTNEVB6YPOX2JCRRQIRN7AULALBVMSZWEONIMHVCYR656QI7GDGREJ5LHSZD6XJTKAUYBHFLWJAT33VOTOU2DLY2D2SJ7FZM5RIK22NXYZ4EAQFKCQU2WUJZJDS3MUZP5S36XRS6RHPBE4Z5BUWVAL55POL76AYID7R7BSFHJUPWJQEPXPURBANLMD2775WC3BNOKAPAM6BSISWEVHBCYSZHEUEYNIOYY/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 16:16:36 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2A88 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CiSzc45SuZY38FcHd1PIPqcSfkAupjsflcuDWzamNEsCNtwEQASAAYJWqs4LAB4IBHWNhLXZpZGVvLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEF4AIAqAMBmAQAqgSgAk_QrLZrbWpJkjHDvR0waejsxaK9_H0yG_58g3LnAlvax-lKhFGJM1N5e1HeGA-1ZMy6yQWoeftgRYQooQYoCn3MTHTSDrQO4h5vpkl_WQdkhhLgDDOih8O4GWIuDGKPNTaSjTI2ZHwKNLBx02RvFKVu78kxAP4klLgPakUWJ77JQSQziKaUHp9lpLUWR76SQNhtfdDsz5ks4nj7_q74_sLO7PKj9M_9dpTO4NpCgLda_zbR8eacZ2-V39V-nYtf_PY31BUOEsIqoEIJktAGyPqs5_WN99gRrinJvrqHrjVDGUy_h0GFvAgS3W6qZkRzLbms64_cylUU00t_cQEEApwVoE7NmSNlqR1-74OHK85ixPqnexHdEeNFo10u9-Z8vOAEAYAGj_2K-qPj1a9WoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIH05rqy8YMD-gsCCAGADAHiDRMIuLrnurLxgwMVwS5VCB0p4gey0BUBgBcB&sigh=0tSNIJZcia4&label=part2viewed&ad_mt=0&sdkv=h.3.613.0&vci=CosBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoLQWRTZW5zZS9BZFggBCoTNjIyMzc4ODk4MDI5MTQxOTc5MUDBBFIiEAQlAAAgQSgBOgd1bmtub3duQgd1bmtub3duSPcBUABgAloiZG91YmxlY2xpY2tieWdvb2dsZS5jb20tb21pZC12aWRlbxgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
b1t-eudc1.zemanta.com/t/imp/impression/S5X5ZPWQJEWLXQXWO376MD7XHY53UNQVDRN2VBMELMPYZH3BILSR4A73GIYTASXNW5FZWL2LP4U7LASSKOVBI3K27XA4GW7XBMYZPY4MF27OQKHD3NWT6MMHHVMLQJLPN2HNCHB75ODDQBAIX56NNXVTS3W6PX... Frame 2A88 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-eudc1.zemanta.com/t/imp/impression/S5X5ZPWQJEWLXQXWO376MD7XHY53UNQVDRN2VBMELMPYZH3BILSR4A73GIYTASXNW5FZWL2LP4U7LASSKOVBI3K27XA4GW7XBMYZPY4MF27OQKHD3NWT6MMHHVMLQJLPN2HNCHB75ODDQBAIX56NNXVTS3W6PXSGTNEVB6YPOX2JCRRQIRN7AULALBVMSZWEONIMHVCYR656QI7GDGREJ5LHSZD6XJTKAUYBHFLWJAT33VOTOU2DLY2D2SJ7FZM5RIK22NXYZ4EAQFKCQU2WUJZJDS3MUZP5S36XRS6RHPBE4Z5BUWVAL55POL76AYID7R7BSFHJUPWJQEPXPURBANLMD2775WC3BNOKAPAM6BSISWEVHBCYSZHEUEYNIOYY/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 16:16:36 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
adview
pubads.g.doubleclick.net/pagead/ Frame 2A88 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CddYd45SuZY38FcHd1PIPqcSfkAupjsflcuDWzamNEsCNtwEQASAAYJWqs4LAB4IBHWNhLXZpZGVvLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEF4AIAqAMBmAQAqgSdAk_QrLZrbWpJkjHDvR0waejsxaK9_H0yG_58g3LnAlvax-lKhFGJM1N5e1HeGA-1ZMy6yQWoeftgRYQooQYoCn3MTHTSDrQO4h5vpkl_WQdkhhLgDDOih8O4GWIuDGKPNTaSjTI2ZHwKNLBx02RvFKVu78kxAP4klLgPakUWJ77JQSQziKaUHp9lpLUWR76SQNhtfdDsz5ks4nj7_q74_sLO7PKj9M_9dpTO4NpCgLda_zbR8eacZ2-V39V-nYtf_PY31BUOEsIqoEIJktAGyPqs5_WN99gRrinJvrqHrjVDGUy_h0GFvAgS3W6qZkRzLbms64_cylVW0WrtzM_fZGPO7rkor-OojDl0a4qpM1mDOcxnvLDwPfv6SJ5ICOAEAYAGj_2K-qPj1a9WoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIH05rqy8YMDgAoD-gsCCAGADAHiDRMIuLrnurLxgwMVwS5VCB0p4gey0BUBgBcBshccChoSFHB1Yi04MTcwOTY2NTM4MTUyNTQzGJHzbA&sigh=FquEc3GD-DA&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&cid=CAQSOwAvHhf_cG2cW2tb2SecBLuqNqeeo8w5RSRUlbciZwnlzClPjQjPYe2EopIRrFHrrU1u_-VUQxvgGVSUGAE&sdkv=h.3.613.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
/
b1-eudc1.zemanta.com/bidder/win/googleadx/9d14e734-b941-11ee-b45a-47faa90f37e8/Za6U4wAFfg0IVS7BAAfiKaT8DZxbengf2Fxiiw/7Q6MEP5SKSMX7AT5JZZ4SIZWYPDTYF4JOTZUZQ76ZWFTF2S3YLFDXVIA2ZYA2PVPKF6QGEDOWUCBIJI... Frame 2A88 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-eudc1.zemanta.com/bidder/win/googleadx/9d14e734-b941-11ee-b45a-47faa90f37e8/Za6U4wAFfg0IVS7BAAfiKaT8DZxbengf2Fxiiw/7Q6MEP5SKSMX7AT5JZZ4SIZWYPDTYF4JOTZUZQ76ZWFTF2S3YLFDXVIA2ZYA2PVPKF6QGEDOWUCBIJIPXI67FCACCYNB3TYTXW3ORZ2UNHVROCE6MRQXAUB7WHQ335IMNUW726RZROMR7AIGDJDVYKVOEUVWZQIL5GOUNWW7BXLKIATEN5IDXIWDE5YW4BSSG4DCISWNW7A6E622EWOPVPNO7Y5QYT3FDREKLTUUDXOAPLBI4E4CLMDK6BH2BSST2LMLEUUCHD27U4PRAH3E73DLWUNID66QWYWZ5APORTMW3GGAWPZJ52XN4KEBH2VSHSQNKARCYIDLCVALQXOHR2BD7D6HZNOUNDUZ5K4ZM52OWMBV6UFM7MJTZBLL3P2BBZI2HYKEYVD5RLG325G6AZQXXZSXYTMUEFWPKL26DMBLHBH75APG7NNDTU7BNEXRGFKD55MFROIODBUHPJ2FM5IKU7SRUMQCMFKIFH6AJUWR6XHJNJYXI6B6OPMUAAAUYSK2AYOY7GXLAQYYIEITROAAX3BUYNOPLAAQB5VDEJW7TDPPRPEV2PF34CFZRKO3IM3VMXCLTWLBSCUSQ7TBUY7OVZFYABTB24MKPRSB4XQ7S4FCHLVOUMJF7RCULF744GJIUY3HGPZOOE2KGKX6RSDR5B2N4YK6DII2AYSDCNDLVDLLA5COMMWAHRCDCY6EWAO3UJ6KLUDXS6IF36LDS3QVPGLHZJEM5HIHTZTZQBHWRB3I5WX33VMO35W2XLFK/?amtw=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.225 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 22 Jan 2024 16:16:36 GMT
Content-Length
0
dt
dt.adsafeprotected.com/ Frame 5422 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=dcc17185-d318-4fed-4bef-e2516e11c71d&tv=%7Bc:2300o3,time:550,type:e,im:%7Bpci:%7Btdr:504%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:550,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B546~0%5D,as:%5B546~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:123,fm:u26PcEG+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C193%7C194%7C1a.1874223-77019481%7C1a1%7C1a2%7C1a31%7C1b.1350098-69352127%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d1%7C1d2%7C1e*.1474271-76103297%7C1e1,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:13,sis:282%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:36 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B57D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=25b9d9e9-1d95-accb-ba98-1e1a95dac902&tv=%7Bc:2300oi,time:1065,type:e,im:%7Bpci:%7Btdr:1006%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1065,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1061~0%5D,as:%5B1061~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:113,fm:u26PcEG+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C193%7C194%7C1a.1874223-77019481%7C1a1%7C1a2%7C1a311%7C1b*.1350098-69352127%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e.1474271-76103297,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:18,sis:174%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:36 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
11822513
api.attentionxyz.com/api/event/ Frame 4C61 		2 B
17 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.attentionxyz.com/api/event/11822513
Requested by
Host: attentionxyz.com
URL: https://attentionxyz.com/160-3c6e1570/amt.js?tagLabel=Dept_Agency_cm360&attrAdvertiser=11822513&attrCampaign=31208750&attrSite=7847497&attrPlacement=385568821&attrCreative=208026589&attrAd=576600420&attr1=%edclid!&attr2=j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.222.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.222.117.34.bc.googleusercontent.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accepts
application/json
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Amt-Event
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJhbXQtcHJvZCJ9.8dotrQPk6rXdTZUfYiTmmCx3BKBZ0ngS9huOY_9Rk9s
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 Jan 2024 16:16:36 GMT
via
1.1 google
vary
Origin
content-type
text/html
access-control-allow-origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
11822513
api.attentionxyz.com/api/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.attentionxyz.com/api/event/11822513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.222.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.222.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
accepts,amt-event,content-type
Access-Control-Request-Method
POST
Origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accepts,amt-event,content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 22 Jan 2024 16:16:36 GMT
vary
Origin, Access-Control-Request-Headers
via
1.1 google
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012312191621000/ Frame 9573 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 21 Jan 2024 13:43:44 GMT
age
95572
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56099
x-xss-protection
0
server
sffe
etag
"b4f73150f1481343"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 20 Jan 2025 13:43:44 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 9573 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 Jan 2024 02:19:24 GMT
age
482232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5228
x-xss-protection
0
server
sffe
etag
"1615cf8c9658662f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 16 Jan 2025 02:19:24 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 9573 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 16 Jan 2024 16:12:39 GMT
age
518637
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29030
x-xss-protection
0
server
sffe
etag
"4993b3249a87fa76"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Jan 2025 16:12:39 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 9573 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 Jan 2024 02:31:34 GMT
age
481502
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1930
x-xss-protection
0
server
sffe
etag
"09131eec19261354"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 16 Jan 2025 02:31:34 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 9573 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 16 Jan 2024 21:00:52 GMT
age
501344
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12961
x-xss-protection
0
server
sffe
etag
"b1091b2fa725aeb2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Jan 2025 21:00:52 GMT
css
fonts.googleapis.com/ Frame 9573 		6 KB
802 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 16:16:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 14:57:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jan 2024 16:16:36 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9573 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 04:34:27 GMT
x-content-type-options
nosniff
server
cafe
age
42129
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2886
x-xss-protection
0
expires
Tue, 23 Jan 2024 04:34:27 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9573 		344 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 21:51:44 GMT
x-content-type-options
nosniff
server
cafe
age
66292
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 22 Jan 2024 21:51:44 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/13502479457489174100/ Frame 9573 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13502479457489174100/2076313506083323656
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b127a23ecc6f89444978df823ef1e9086efb39b89cdc4ef7f2814d93d6eed2b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 20:22:21 GMT
date
Tue, 16 Jan 2024 20:22:21 GMT
x-content-type-options
nosniff
age
503655
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33870
x-xss-protection
0
last-modified
Thu, 21 Dec 2023 11:39:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 9573 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
288a22ffc91efc3d480223a6d01055f0a9cccd13edceeae7fb82ce9dee9d7896

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9573 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6834c120fee916b51e0eea087308a0d758983840dd02646048fda85729f5371d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9573 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://colunadofla.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 16:39:21 GMT
x-content-type-options
nosniff
age
257835
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 16:39:21 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9573 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://colunadofla.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 00:01:51 GMT
x-content-type-options
nosniff
age
576885
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jan 2025 00:01:51 GMT
csi
csi.gstatic.com/ Frame 2A88 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lrp4qvjs&c=7075895314372&slotId=3537947657186&qqid=CM356Lqy8YMDFcEuVQgdKeIHsg&gqid=45SuZai_E__41PIPoty9wAE&fb=ima_html5-lima&sdkv=h.3.613.0&ppt=google%2Fcodepen-demo-&ppv=1.0.0&mrd=4&aab=1&itv=1&ua_e=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.613.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4004:802::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:36 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B57D 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5180653536184&version=m202309260101&ct=76&x=1&cor=3881728451157259300
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9573 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CkKPC45SuZYqoKdnS9u8P7IGT-AHG4JKzdd77gdy1EmQQASDmsPlnYJWSmoKsB6ABuMKjgwPIAQmpAhbsStpbRrI-4AIAqAMByAMKqgSkAk_QFq6PC3jtH9EDGQK5mRQvVRjLGOGXiyBhzcKLNkVaBBdrpE2b7c6QIUWViOPyvl8IVHQ6J-TGgkPs7b3kJ0HwnDZgF9AHuzbPrdfXYlJyPFfc08bnjbaQ3svFUQkOd2KbP9UKt-WTh-tha_T5eyt70052d59PJ3gGYgReUe7GqRgK5SldXPFW2rOP7b5Y4MHfwsS1xzdOm1TofsFNuNLajsXp9tW7GQ110LcjF8nIQrAgJF40eUZX7NISg01sGFGc0jrW-zi4F1vp0pjlcqQbYBcq0BrG3GELcKJpqEaPmFoNIFyyw6tqYN51qxYYRyZeL0jVfziqoQiss_1C_7B9Ln5cnWiVJQf_MC1ehxX24fG1FjSiSGNMPnPLubESzyjFP2_ABNOrrJDeBOAEAYgF1M2S402SBQQIBBgBkgUECAUYBKAGLoAHzpr-8ASoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBC66QXSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WMj86Lmy8YMDmgk6aHR0cHM6Ly9idWlsZHlvdXIubGFuZHJvdmVyLmRlL2xyL2RlX2RlL2w1NjA_Z2Nsc3JjPWF3LmRzJoAKAcgLAeINEwjTsum5svGDAxVZqf0HHezABB-4E-QD2BMM0BUBgBcBshceChwIABIUcHViLTYyMDE4MzY5Njk0MjQ5ODYYkfNs&sigh=Ok1hF79sq08&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_IcrKNHhgPi_V0cpHKvBHT12I8Vt0WG2nMVqe6S5j3IW34QMVsssOExPcqyBKOz1DmCxw6lbx3yWOzMiQz9czu9qwD1C0QN4VpZsYAQ&template_id=484&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012312191621000/ Frame 2BF5 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 21 Jan 2024 13:43:44 GMT
age
95572
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56099
x-xss-protection
0
server
sffe
etag
"b4f73150f1481343"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 20 Jan 2025 13:43:44 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 2BF5 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 Jan 2024 02:19:24 GMT
age
482232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5228
x-xss-protection
0
server
sffe
etag
"1615cf8c9658662f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 16 Jan 2025 02:19:24 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 2BF5 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 16 Jan 2024 16:12:39 GMT
age
518637
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29030
x-xss-protection
0
server
sffe
etag
"4993b3249a87fa76"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Jan 2025 16:12:39 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 2BF5 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 Jan 2024 02:31:34 GMT
age
481502
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1930
x-xss-protection
0
server
sffe
etag
"09131eec19261354"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 16 Jan 2025 02:31:34 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 2BF5 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 16 Jan 2024 21:00:52 GMT
age
501344
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12961
x-xss-protection
0
server
sffe
etag
"b1091b2fa725aeb2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Jan 2025 21:00:52 GMT
css
fonts.googleapis.com/ Frame 2BF5 		6 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 16:16:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 15:30:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jan 2024 16:16:36 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2BF5 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 04:34:27 GMT
x-content-type-options
nosniff
server
cafe
age
42129
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2886
x-xss-protection
0
expires
Tue, 23 Jan 2024 04:34:27 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2BF5 		344 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 21:51:44 GMT
x-content-type-options
nosniff
server
cafe
age
66292
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 22 Jan 2024 21:51:44 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/13502479457489174100/ Frame 2BF5 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13502479457489174100/2076313506083323656
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b127a23ecc6f89444978df823ef1e9086efb39b89cdc4ef7f2814d93d6eed2b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 20:22:21 GMT
date
Tue, 16 Jan 2024 20:22:21 GMT
x-content-type-options
nosniff
age
503655
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33870
x-xss-protection
0
last-modified
Thu, 21 Dec 2023 11:39:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 2BF5 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
288a22ffc91efc3d480223a6d01055f0a9cccd13edceeae7fb82ce9dee9d7896

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2BF5 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
929dc36297d25b8b341eead18b0f6e9a286e24471b4261bd03c2a343817a96a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2BF5 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://colunadofla.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 16:39:21 GMT
x-content-type-options
nosniff
age
257835
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 16:39:21 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2BF5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://colunadofla.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 00:01:51 GMT
x-content-type-options
nosniff
age
576885
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jan 2025 00:01:51 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2BF5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CPnnE5JSuZZWSC4ig9u8PhISxiArG4JKzdd77gdy1ErTC4J-8ARABIOaw-WdglZKagqwHoAG4wqODA8gBCakCNsTwkR9Hsj7gAgCoAwHIAwqqBKECT9CHOzQl2gWHG3CgAMgMaNA_GDkJJnvhSeiwXAfakXhoEpi92N9DBH6Ui4YXM-gpqqBqHbG8K61vqIpsg_LWJcruH1pDMY1yzy-VXJ5HFvJNXtryK-EEFMdYiE2DLfyx1FIfEZaeTdvG6d7H5WncBYjfJOVkGfd6MFGSkJOzwYCszvd6MTDyogV8FkDmUq0sz2bEJGHo52MlQE8-mcLql7yEnlt_8NaFvJnC75nvp9YyJSAmJ-n8SjlRFVTmQw5gG9-NFNhef_dWCU9SDBvE6VW8k6eqHSQWKMipR2y6qh8_J2f-MAinmbs0yucDjksuHOewyS5uoYXl2vkDu7cbYiSbvReZvBsY5TJSXaetTLaOtMehehvKriaqqfO7jwT24sAE06uskN4E4AQBiAXUzZLjTZIFBAgEGAGSBQQIBRgEoAYugAfOmv7wBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEP3lBNIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYxaXpubLxgwOaCTpodHRwczovL2J1aWxkeW91ci5sYW5kcm92ZXIuZGUvbHIvZGVfZGUvbDU2MD9nY2xzcmM9YXcuZHMmgAoByAsBogwIKgYKBKy6sQLiDRMIgsnpubLxgwMVCJD9Bx0EQgyhuBPkA9gTDNAVAYAXAbIXHgocCAASFHB1Yi02MjAxODM2OTY5NDI0OTg2GJHzbA&sigh=Kl4u0tS9kdM&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_OZDE7BYrxjag37HSjoDa1nV8nFZVdkjelZkuGopU2lVy90tNrWFhXl3mmq_6CK2VDoR4ZH8E1u5Mj5y_RzSn9O4O-heUhoThU9gYAQ&template_id=484&cbvp=2
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ Frame E7D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=e6e6cb43-d112-5d96-5a03-45b5fbae2e9d&tv=%7Bc:2300vQ,pingTime:1,time:2068,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:11%7D,%7Bpiv:100,vs:i,r:,t:1068%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1000,o:1068,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1063~0,0~100%5D,as:%5B1063~300.250%5D%7D%7D,%7Bsl:i,t:1068,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:187,fm:u26PcEG+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C19%7C1a*.1874223-77019481%7C1a1%7C1a2%7C1a3%7C1b.1350098-69352127%7C1e.1474271-76103297,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:12,sis:162%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:36 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame E7D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=e6e6cb43-d112-5d96-5a03-45b5fbae2e9d&tv=%7Bc:2300vR,pingTime:1,time:2069,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:11%7D,%7Bpiv:100,vs:i,r:,t:1068%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1068,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1063~0,0~100%5D,as:%5B1063~300.250%5D%7D%7D,%7Bsl:i,t:1068,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:187,fm:u26PcEG+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C19%7C1a*.1874223-77019481%7C1a1%7C1a2%7C1a3%7C1b.1350098-69352127%7C1e.1474271-76103297,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:12,sis:162%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:36 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
json
gum.criteo.com/sid/ 		2 B
374 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcolunadofla.com%2F&domain=colunadofla.com&cw=1&lsw=1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:36 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
253127
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcolunadofla.com%2F&domain=colunadofla.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://colunadofla.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 22 Jan 2024 16:16:35 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
194174
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4C5A 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://colunadofla.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 Jan 2024 16:16:36 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ 		0
87 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-store
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
usync.js
eus.rubiconproject.com/ Frame 4C5A 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cd3bec578049163e4cd3e91e52d55040e999465b011fde978ca10b689317ac4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 16:16:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jan 2024 09:39:05 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62557
Connection
keep-alive
Content-Length
10964
Expires
Tue, 23 Jan 2024 09:39:13 GMT
khaos.json
token.rubiconproject.com/ Frame 4C5A 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
dt
dt.adsafeprotected.com/ Frame 5422 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=dcc17185-d318-4fed-4bef-e2516e11c71d&tv=%7Bc:2300yL,pingTime:-10,time:1214,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1705940194985%7C%7C7cac4aebe1e9134074d5d149684dafff%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C0b480eee79b487c575ed2a74d7da8504%7C%7Cf4cdcd9069ea861df1e3cf4f029554b6%7C%7C153719d1b3935e26d7bb3a1c11de9e6f%7C%7Cf983d3b6a2d84ca9e6797bff05e5ae15%7C%7C5e8f8af22261d4362678b01414798b10%7C%7C1663701684,sca:%7Bspg:e6e6cb43-d112-5d96-5a03-45b5fbae2e9d%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:36 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B57D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=25b9d9e9-1d95-accb-ba98-1e1a95dac902&tv=%7Bc:2300zu,pingTime:-10,time:1759,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1705940194985%7C%7C7cac4aebe1e9134074d5d149684dafff%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C0b480eee79b487c575ed2a74d7da8504%7C%7Cf4cdcd9069ea861df1e3cf4f029554b6%7C%7C153719d1b3935e26d7bb3a1c11de9e6f%7C%7Cf983d3b6a2d84ca9e6797bff05e5ae15%7C%7C5e8f8af22261d4362678b01414798b10%7C%7C1663701684,sca:%7Bspg:e6e6cb43-d112-5d96-5a03-45b5fbae2e9d%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:36 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
container.html
48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 304F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://colunadofla.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:16:33 GMT
expires
Tue, 21 Jan 2025 16:16:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 541D 		466 B
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWv3tkSH29UTXrBLqTIflW9mT_5w_TCBI1EzryL6lJnYVB2HFXsUSLdQTqkAgXpMGt3zQDK1Z03YjLwtigLW3iDsCWSnQl3mPUrlekZ0Av--jMxStUMENJkL_8TZq3D1rQ4P8lsNK-Q3yWDppgqiDKzeqRcQUyJjZ5ODW-ETt_p23kMiR2NbyCrkec5gVdGbAMjVnZBSLAuVMnnLULyEiBrgE09Bw
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:16:36 GMT
expires
Mon, 22 Jan 2024 16:16:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 304F 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 22 Jan 2024 16:16:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 304F 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CNBVOS7YBPyJdpIVPOC7YMwuE0Bx7HJOMDT8i83RgjWd1mwhy_TX62Ga6pbS2AG39Mv2A3BGgJ0_Bz5WmqNvOMdPwdEjcUe04-pdsEw2Cc1GfEVkw
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 304F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 09:41:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
23711
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 09:41:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 304F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:29:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
78439
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:29:17 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 304F 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 16:16:36 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5422 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsussdEzggCLnF0TjymsUnfIuwIllIsoNBpYFsqjr6eX0jVBI8VuqvmEzRmjWIeeMYkuqKrBc_nBimkHRycrw7mwSMkQKQ-4TpHOl0kxcWPwn92rFAFcCvhLNw99IRh9x_l9eyAhSE6Oacab0GMfC8Sjynz_&sai=AMfl-YSUiLP1OWM7yo3I4eP_chOcXmeCSKzys9Vp4NW5Q5-85joDECTposQ2-WYNy8DobQvQ4wm4nO7H5hPFYdC-sJgR4uolP_0_60rdssZr79LkUw7dCfP0WoYKhysQLg9AoHBfGi8jdGQkCKlO6WmPCw&sig=Cg0ArKJSzHAqg8Zp_GzYEAE&cid=CAQSTwAvHhf_k4GpQl1RQ3DezelWbThTcwzD7ye3_F7xYLNuR-AU_pNF8H6xfc_R57CcRqPhPZmGOYvYG4lHl4ukUvN9kn9FdYLMUCrB7jinWrUYAQ&id=lidar2&mcvt=1000&p=1110,315,1200,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1861204021&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705940195283&rpt=648&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 541D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECTNZ2feq2tOOqU9chLyOO0&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame 541D 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame 541D 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWv3tkSH29UTXrBLqTIflW9mT_5w_TCBI1EzryL6lJnYVB2HFXsUSLdQTqkAgXpMGt3zQDK1Z03YjLwtigLW3iDsCWSnQl3mPUrlekZ0Av--jMxStUMENJkL_8TZq3D1rQ4P8lsNK-Q3yWDppgqiDKzeqRcQUyJjZ5ODW-ETt_p23kMiR2NbyCrkec5gVdGbAMjVnZBSLAuVMnnLULyEiBrgE09Bw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
gen_204
pagead2.googlesyndication.com/pagead/ Frame 304F 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9595364795348&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 304F 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9595364795348&version=m202309260101&ct=77&x=1&cor=3181488269748385300
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 304F 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DLQNVh8m21-qoojsLymjDxpoce9OxwMFwNb7hiToGGCxfXW1INCqTONecndYA3TbFnSAW6gMbtNbtMU3ricMDMsMWXQd3SDfKuWp4ihc2ekl_y8ds71NaRXMzSylYQuhFhi187dE9YFdl7fp_C_RpChnetMiMlK1QClcb7SmgYGJiLmkM&cry=1&dbm_d=AKAmf-C0jsPlEtMy5yFTb0ofCR_ZNn9rvabaRDneOIT5sfn7ASQDdze4SGtDc6ktESsmZMUsDVuEfjczvhZZYuiVxeNBadfI-ksjyGJrdqGq4G1xui9F0oc-5Q9jCCdjncpo3Ah_AFJAfKx_2FZF3gxZ5FwoUbQmrp7W3RSKl0P7xGd9UBIDwwzDYW6fHezJgIfLay272HoQ8VR7r2Vucg_CHb53mcyiWpE05pwi6rEq7N9OUneydAZIZRxbf8FxyUasLOZeCdrhOFtyKHo1W_JjUhI8TwtUR19y99MPJ7rJnuHPRwVtmIUqY2CN_uashdEavLKKZBbC0DE069AmcCyRadUqj3qf0k-B1RmuSk5m_lA9rzHyJ4jqw9DbAlxIqs2Yw9cr-zSQQaxo7Rdc0p7aAVSjx7VKiZdQmBUxZoHrm20Y3Yhagx-YG210sUw01GzOsgr11YHOwEtyBs0LFVkac9RcnuHu_IIbsxd3LW_vwu0CgqOMHpWjo8l2ej9bnNc5i8cxyTB1nBOFNsQ2Rd1itGXmtZAogi4MmKp_IE0sXyJn1Ndq_D7e-wG_9T8irS7ojurlZL-iRodjlxIei5EddugsGM3n5A0uYDxXiyuuyCU1hsjGCf6sk7Td2Vx3YDEO15R9G0TftFiMnJ_wlsIG2kxwAafsS4qKsf3YRplRFDu_tEo4M55lRrPWq3jjVyUMY5dD3S6ej3FPhKvU3CtqL6M0gYyejSHYbvdHb0KZVUsGxeOyV3XJpx6QimKvkI6MxwbrZX22rP4PMhwIV8FGblC7lBb1I7KqYNPlxS-dT63VbGNLIvKnTmRc3AtyMrY-jcAEgcvtZrl-zBmwzbJgPipzheKDxxv-EJxaTD0A4QSWDJonc6w3ad3tkPCGQRN6KXZqDkrWzo7EoM4torp9jq1OH3pdbdk8zpQFV2w9JM_NP_pUuo9UiqKOmi3Icc_G2rDs3YaUtzK64sTdbjpt7nf4z1MymvD5008MEXy-jXBs4QjbhAkY4ByDF8_AJnFcTS6d9LoDZ_eoWCFwwUOdnn0_Ptc_xIigqCDx4gquoPqLPXmfcC3kvREYhBT13vNtHm5Dh2a556ygCW6zARxQdimh761EFzhAyUNhMpmQChQs3Vz-ENqfwGZ5vuqOnhLog_tpAKK0zBNWCJAc5nDuL9MjosuU_OXxw3omR7TTR3XPSjYg8uK1SG89FdyAEIBJh-o7_6a2Yyq8bHhRE-c2c1FY2qvObNFfCIz2N6F0C4BUvQ6_GVqNyjhy6xlA3BaLNh7eBNMZaqwZfEet-i2mQLzlylhkoRb2Giz8TS7Z3zi2tDLrsLsrV0OzewKe94rdPmDBOGMJeTds-uxGv6VzfVcUPXEq5KCD4AhzCHYyKKoG2W71rqdTw6hpXP0Naueu8C8G7AqkHQddL51JRjd8O7G_GdV3d5ywWnDLsV0hQtxf8WD2NBaij7tmM2jldVlUIFIGbvf71VIgtaH_Zaia-ao7BGduNgg_NDiXm8rm7AcKkDQQ3sbmWgyv2urJm86noBVcSNNn9RjHZTv8qKZpfioL7dkTAAFW3IKclRCngAlZQhDPynZT3dwZwrsoe9fum1eJYbnH9HoEjC5HCgI2PpASF8WHJxspa2BCGrm8fMXK-866iuMpfloH2TQjhrL7yHbF7dWn4P0giCL9LnIkK6r17VLbqX3ECimYcFxYN9J_iShDGX4DlUG-2kMOtK9SBaxam9dHktIr1klRxJm5ROGj2-X15VvLWtdVSnvKmNolAa7_ft98561rNSQuXomBat9ETxu5FRb5tCkBeQKtUJbbuF2oJCiaSNUOno78pyhnePlw3duki6qZdQCUCXpeO-wni4ljgmRQfZT5RjlzcvIU1FgmXd6NxrvmS7BW1SR1Kuc6rbwQ6VjZkbdRzjaSfWSymcgD1qKniPp_nwRf6uM_jJyRprN_mqL--zhapy-2RitIqO3n6AzvL6_yFvh70a6XwFagre30eRNE1Nph6TViowiUbzkQri0Q180BE-BCJJ8THvfYOCP3maqHkcdMvHNgErkeTO3QpROPolbqUjnqDLh2CpZc1kd_uqT3wzuxZr-dNfDIX7Ote3HixABp3xk8a4xVIlmhbRL1bYdA1-L--t_KcqwOpgiddm_LtenIs2lD-O-HKDTAmubXYXF3sDRPpoaP4ewY6bMWcPIX4YUBZMVJ06wEP3d7g29XCmLkSEgieb7Mpuov-Lch6vWVptf5lXLP9q6GlVYX8LszYenRgKgb960lPFADg3PNYLx8QbNPDAQ8cO5wywF9n41YVOAMTxFOBSTLGOxY6Yz3fDliZHaEQhUwud1ivm54KSMWwGw9Di3p1xeHQgF2acVefntc4cK-0uJUaXdzMLgCSpcQ9hBWnx-keuCpccY4jZhPD9BameGOB38G48vuOsM_ck4nKMVV9ubRx8T86O_gO8GuC5zwexf41PE0y9-JFOsW7RVoSn5LVMwUEn0JBYA2fZOQ9pIfwG8xdmU14USI0-QcSa7hpKunNQLFaafuyRjBP65F8PV1u7Q3yhcT75Rqv9NOK-5ODy0-GIFM6PP5RszxmNDjNClgM8-FLvaL6kQdvsDg4-VaamHj8dncQ6fvZ2ZtvERnNgG2qgbqhNzavqHomkJnhnd1LlOLuJ7jY4QOJC1Y2Rpu4XR1sXtX1WFJTdnd3835nhhnVXiXkB2XATD7hKeqAJnT7vj9X4fStYN7oQGiY-WF0wbtGwpypkPhUhIUFR0cgbloqTkIQzEST2LumbgmsIVEROeVwRY_ufipIVVHgkagE4rptzZ-RSZIWipqKu2Wz5JclMiiHCG5WvBOxJJ3kJxeSFuIPJL0xyYJy39ONBcmUABqMiZLHZJ8cFjEMbhErTByhCG-goZ_EgQ0db3VGsiKlBgPramQZpKdSUEV_VyBjfKr-i8H9QZlTdH8rdkWq09Mz2EAq1eyxnDFZDAqvjI6pUrZIAExZBqLuVnVmM83AMzmK6RBvd984ZwxojGl8g-W2HfUL4G75iExNCAFixUcOzQ_OE-PPI0uGgjRmsA6FXgTFutLoKxpzP1o-QThaCx_5UrShPj0CQn3iFCLCe3yRMyUJGCA9JAoX2JI4-WaCD-_cIQE_j2rd6SDGy46GZB9tc-zOwqretXGYByR2p1uFMbKUkVPRaiv4c8M6aaOB9VTVYYF2aaU59k2ZA1oDL9W6QW4Er4X0wwtm0rBfrvQkx-Z8ewN7smMcyce3uXHHVQYF7G8dOqW3JR6HJ2SmGoczclGyQI76lcy-7CzNSW--f0WLSsNJ2FRsal5sIGRr_V9gbQdxLHieg5MbaNGRVhic1j8VmqWU6HknYaE5d2oYoEzoROjgwCzYNDA6f0XxgbrmH8K1WpBuCG10syGBCK4ir4ginWCCRlI8eUeY80gPXldXovNJ48kTkF5BCmHsilR7bQo6K0VM_AzkvOiXJqhFrI6I2vUBiVQt_S3l3g1fPmfTP9SjTqdalQa6z97GlHnanIVjp-GA4DX_bqb3KLhMD2G5j6i6AED4IONWKLX5zoiWa_wqIRcUZt-ybT72N0WCpJgmq8zzhb1ULITOmexbKXMs3lTfOY7YKMFnK15WGcdRRvK7bHCuMFE034fV7UoyZw-nf1AmtfRQcd7T01Gy5Ns31edNlkusDdTjoL8471EAyRB4lGc8_q-4EcBn-Yyq9y4XKUBKwOZA5upiNoV6FBOg5dVO2JMeKCPeFVJV3Myt2FTFJIQN8VSklucNToAVuC0G9vhIZfrUvmxLLfjOmfmrQPD5T87rxJCwaz_Za8kApLRfWEoQ-FGBuRCgXqHc-N3ax45r8X2KnTfqTMA1a46QFs9ze120BvCgqhYjy4tpEOjXsxKzpN7b7Q2TVeQOb9CMCISB-aKIDqoxyB9ZSgx2nvsD48R9citTkChx61QUNblF5ko1FBkP5-7OHrN351RH1bczyPhHh-IaEgwS4qT2PfAhW3qimEqukjtEair4kIql8drek6vqHU&cid=CAQSTgAvHhf_RV0BhrvZWimw9WKQVGHgTiX6y4hfgvSK0ed4HargYin8aZm_23Nxh5YrQSWYc8DfyHrL3_xCCzQkpKesDvnLCoioHZCQ9JaXhxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcolunadofla.com%2F&ds=l&xdt=1&iif=1&cor=3181488269748385300&adk=2265872548&idt=106&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ec0b5ca45945ff681b90cbf9cbcc7c3046483d65894dc576f1ca2dcfe6726f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14056
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5422 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6779239937536&version=m202309260101&ct=76&x=1&cor=6785805083957074000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 304F 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DLQNVh8m21-qoojsLymjDxpoce9OxwMFwNb7hiToGGCxfXW1INCqTONecndYA3TbFnSAW6gMbtNbtMU3ricMDMsMWXQd3SDfKuWp4ihc2ekl_y8ds71NaRXMzSylYQuhFhi187dE9YFdl7fp_C_RpChnetMiMlK1QClcb7SmgYGJiLmkM&cry=1&dbm_d=AKAmf-C0jsPlEtMy5yFTb0ofCR_ZNn9rvabaRDneOIT5sfn7ASQDdze4SGtDc6ktESsmZMUsDVuEfjczvhZZYuiVxeNBadfI-ksjyGJrdqGq4G1xui9F0oc-5Q9jCCdjncpo3Ah_AFJAfKx_2FZF3gxZ5FwoUbQmrp7W3RSKl0P7xGd9UBIDwwzDYW6fHezJgIfLay272HoQ8VR7r2Vucg_CHb53mcyiWpE05pwi6rEq7N9OUneydAZIZRxbf8FxyUasLOZeCdrhOFtyKHo1W_JjUhI8TwtUR19y99MPJ7rJnuHPRwVtmIUqY2CN_uashdEavLKKZBbC0DE069AmcCyRadUqj3qf0k-B1RmuSk5m_lA9rzHyJ4jqw9DbAlxIqs2Yw9cr-zSQQaxo7Rdc0p7aAVSjx7VKiZdQmBUxZoHrm20Y3Yhagx-YG210sUw01GzOsgr11YHOwEtyBs0LFVkac9RcnuHu_IIbsxd3LW_vwu0CgqOMHpWjo8l2ej9bnNc5i8cxyTB1nBOFNsQ2Rd1itGXmtZAogi4MmKp_IE0sXyJn1Ndq_D7e-wG_9T8irS7ojurlZL-iRodjlxIei5EddugsGM3n5A0uYDxXiyuuyCU1hsjGCf6sk7Td2Vx3YDEO15R9G0TftFiMnJ_wlsIG2kxwAafsS4qKsf3YRplRFDu_tEo4M55lRrPWq3jjVyUMY5dD3S6ej3FPhKvU3CtqL6M0gYyejSHYbvdHb0KZVUsGxeOyV3XJpx6QimKvkI6MxwbrZX22rP4PMhwIV8FGblC7lBb1I7KqYNPlxS-dT63VbGNLIvKnTmRc3AtyMrY-jcAEgcvtZrl-zBmwzbJgPipzheKDxxv-EJxaTD0A4QSWDJonc6w3ad3tkPCGQRN6KXZqDkrWzo7EoM4torp9jq1OH3pdbdk8zpQFV2w9JM_NP_pUuo9UiqKOmi3Icc_G2rDs3YaUtzK64sTdbjpt7nf4z1MymvD5008MEXy-jXBs4QjbhAkY4ByDF8_AJnFcTS6d9LoDZ_eoWCFwwUOdnn0_Ptc_xIigqCDx4gquoPqLPXmfcC3kvREYhBT13vNtHm5Dh2a556ygCW6zARxQdimh761EFzhAyUNhMpmQChQs3Vz-ENqfwGZ5vuqOnhLog_tpAKK0zBNWCJAc5nDuL9MjosuU_OXxw3omR7TTR3XPSjYg8uK1SG89FdyAEIBJh-o7_6a2Yyq8bHhRE-c2c1FY2qvObNFfCIz2N6F0C4BUvQ6_GVqNyjhy6xlA3BaLNh7eBNMZaqwZfEet-i2mQLzlylhkoRb2Giz8TS7Z3zi2tDLrsLsrV0OzewKe94rdPmDBOGMJeTds-uxGv6VzfVcUPXEq5KCD4AhzCHYyKKoG2W71rqdTw6hpXP0Naueu8C8G7AqkHQddL51JRjd8O7G_GdV3d5ywWnDLsV0hQtxf8WD2NBaij7tmM2jldVlUIFIGbvf71VIgtaH_Zaia-ao7BGduNgg_NDiXm8rm7AcKkDQQ3sbmWgyv2urJm86noBVcSNNn9RjHZTv8qKZpfioL7dkTAAFW3IKclRCngAlZQhDPynZT3dwZwrsoe9fum1eJYbnH9HoEjC5HCgI2PpASF8WHJxspa2BCGrm8fMXK-866iuMpfloH2TQjhrL7yHbF7dWn4P0giCL9LnIkK6r17VLbqX3ECimYcFxYN9J_iShDGX4DlUG-2kMOtK9SBaxam9dHktIr1klRxJm5ROGj2-X15VvLWtdVSnvKmNolAa7_ft98561rNSQuXomBat9ETxu5FRb5tCkBeQKtUJbbuF2oJCiaSNUOno78pyhnePlw3duki6qZdQCUCXpeO-wni4ljgmRQfZT5RjlzcvIU1FgmXd6NxrvmS7BW1SR1Kuc6rbwQ6VjZkbdRzjaSfWSymcgD1qKniPp_nwRf6uM_jJyRprN_mqL--zhapy-2RitIqO3n6AzvL6_yFvh70a6XwFagre30eRNE1Nph6TViowiUbzkQri0Q180BE-BCJJ8THvfYOCP3maqHkcdMvHNgErkeTO3QpROPolbqUjnqDLh2CpZc1kd_uqT3wzuxZr-dNfDIX7Ote3HixABp3xk8a4xVIlmhbRL1bYdA1-L--t_KcqwOpgiddm_LtenIs2lD-O-HKDTAmubXYXF3sDRPpoaP4ewY6bMWcPIX4YUBZMVJ06wEP3d7g29XCmLkSEgieb7Mpuov-Lch6vWVptf5lXLP9q6GlVYX8LszYenRgKgb960lPFADg3PNYLx8QbNPDAQ8cO5wywF9n41YVOAMTxFOBSTLGOxY6Yz3fDliZHaEQhUwud1ivm54KSMWwGw9Di3p1xeHQgF2acVefntc4cK-0uJUaXdzMLgCSpcQ9hBWnx-keuCpccY4jZhPD9BameGOB38G48vuOsM_ck4nKMVV9ubRx8T86O_gO8GuC5zwexf41PE0y9-JFOsW7RVoSn5LVMwUEn0JBYA2fZOQ9pIfwG8xdmU14USI0-QcSa7hpKunNQLFaafuyRjBP65F8PV1u7Q3yhcT75Rqv9NOK-5ODy0-GIFM6PP5RszxmNDjNClgM8-FLvaL6kQdvsDg4-VaamHj8dncQ6fvZ2ZtvERnNgG2qgbqhNzavqHomkJnhnd1LlOLuJ7jY4QOJC1Y2Rpu4XR1sXtX1WFJTdnd3835nhhnVXiXkB2XATD7hKeqAJnT7vj9X4fStYN7oQGiY-WF0wbtGwpypkPhUhIUFR0cgbloqTkIQzEST2LumbgmsIVEROeVwRY_ufipIVVHgkagE4rptzZ-RSZIWipqKu2Wz5JclMiiHCG5WvBOxJJ3kJxeSFuIPJL0xyYJy39ONBcmUABqMiZLHZJ8cFjEMbhErTByhCG-goZ_EgQ0db3VGsiKlBgPramQZpKdSUEV_VyBjfKr-i8H9QZlTdH8rdkWq09Mz2EAq1eyxnDFZDAqvjI6pUrZIAExZBqLuVnVmM83AMzmK6RBvd984ZwxojGl8g-W2HfUL4G75iExNCAFixUcOzQ_OE-PPI0uGgjRmsA6FXgTFutLoKxpzP1o-QThaCx_5UrShPj0CQn3iFCLCe3yRMyUJGCA9JAoX2JI4-WaCD-_cIQE_j2rd6SDGy46GZB9tc-zOwqretXGYByR2p1uFMbKUkVPRaiv4c8M6aaOB9VTVYYF2aaU59k2ZA1oDL9W6QW4Er4X0wwtm0rBfrvQkx-Z8ewN7smMcyce3uXHHVQYF7G8dOqW3JR6HJ2SmGoczclGyQI76lcy-7CzNSW--f0WLSsNJ2FRsal5sIGRr_V9gbQdxLHieg5MbaNGRVhic1j8VmqWU6HknYaE5d2oYoEzoROjgwCzYNDA6f0XxgbrmH8K1WpBuCG10syGBCK4ir4ginWCCRlI8eUeY80gPXldXovNJ48kTkF5BCmHsilR7bQo6K0VM_AzkvOiXJqhFrI6I2vUBiVQt_S3l3g1fPmfTP9SjTqdalQa6z97GlHnanIVjp-GA4DX_bqb3KLhMD2G5j6i6AED4IONWKLX5zoiWa_wqIRcUZt-ybT72N0WCpJgmq8zzhb1ULITOmexbKXMs3lTfOY7YKMFnK15WGcdRRvK7bHCuMFE034fV7UoyZw-nf1AmtfRQcd7T01Gy5Ns31edNlkusDdTjoL8471EAyRB4lGc8_q-4EcBn-Yyq9y4XKUBKwOZA5upiNoV6FBOg5dVO2JMeKCPeFVJV3Myt2FTFJIQN8VSklucNToAVuC0G9vhIZfrUvmxLLfjOmfmrQPD5T87rxJCwaz_Za8kApLRfWEoQ-FGBuRCgXqHc-N3ax45r8X2KnTfqTMA1a46QFs9ze120BvCgqhYjy4tpEOjXsxKzpN7b7Q2TVeQOb9CMCISB-aKIDqoxyB9ZSgx2nvsD48R9citTkChx61QUNblF5ko1FBkP5-7OHrN351RH1bczyPhHh-IaEgwS4qT2PfAhW3qimEqukjtEair4kIql8drek6vqHU&cid=CAQSTgAvHhf_RV0BhrvZWimw9WKQVGHgTiX6y4hfgvSK0ed4HargYin8aZm_23Nxh5YrQSWYc8DfyHrL3_xCCzQkpKesDvnLCoioHZCQ9JaXhxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcolunadofla.com%2F&ds=l&xdt=1&iif=1&cor=3181488269748385300&adk=2265872548&idt=106&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 17:14:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
428509
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 17:14:48 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTk0MDE5NzA1OTAyMQogIHNlcnZlcl9pcDogMTI2MDYzNjAwCiAgcHJvY2Vzc19pZDogMjQ2Njc0MDY1NQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 304F 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTk0MDE5NzA1OTAyMQogIHNlcnZlcl9pcDogMTI2MDYzNjAwCiAgcHJvY2Vzc19pZDogMjQ2Njc0MDY1NQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA2NjYzMzI0MjAzODg5NTMwOTAzCmRlYnVnX2tleTogMTUwMTU1OTM0NjAyNTg5NDM1NDgKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAxLTIyIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIyNTk3NDEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIxMjMyMAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:37 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xaad0358ca09f7dac0000000000000000","13":"0x85fa6818cd73bfcb0000000000000000","14":"0xc706fa9765439b270000000000000000","15":"0xc62697f7e4676aa10000000000000000"},"debug_key":"15015593460258943548","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"6663324203889530903"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wmoiqux43uzw
hal9000.redintelligence.net/zone/ Frame 304F 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1705940196414340&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDAHR5JSuZYSlGa-h9u8Pqdy2kA6m5b2gab2TnKfJD_AuEAEgqtOMaGCVkpqCrAfIAQmpAjbE8JEfR7I-qAMByAObBKoEnwJP0GRHTKy4o3IntTYjZmcLv-NRdB5HGGIArVM03RRs5DkqNLHX-aunhHQcG5DVofoOZ5RU3QSFsRcp0kdHMDtp8h5d-mNVwJ4BgSpGXWUhnz017bRHoS2tP0ie5Gbw1uaSCv6L1oIagnVDkjuCHQQUrbrC2_q76-cs3LrDVntoWW1GbxG6HINTn5rNtesSaITLlwHS4YhT4_eBK0fHgXOYlob1fzE6SPmsJHDHRfNEP6LCkQe_EItsThhEBTquXc9QwbdL7dAytuz-RATGLrYjIMziMs8LXmgshSF-LQrZQKZEppM1GhI_k0DJoXU-1pPYBo_v6nKfmw2xNuNLlHq2c5wYX3f9B-dKA7xH1FF-IZQ2kul958VSy92GfzFVwMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliErem5svGDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPne6bmy8YMDFa-Q_QcdKa4N4rATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_RV0BhrvZWimw9WKQVGHgTiX6y4hfgvSK0ed4HargYin8aZm_23Nxh5YrQSWYc8DfyHrL3_xCCzQkpKesDvnLCoioHZCQ9JaXhxgB%26sig%3DAOD64_2588TY6D2shwvI3z07isDfkWVpEQ%26client%3Dca-pub-8170966538152543%26dbm_c%3DAKAmf-D3oao7XkxFFlsOJjEUfeTJ9jlxAYisNJcSDe8k6f6ZfTJULjc88I0PANUEHcTGBCqdifLdFglmUvDXTEXKeZal_Q2sRZ-unvH2p-NuER4pvdX4qewDph06AIhx0p3WZrxtDuF9dI4m89RWBry2Xsoy6PIHRhu9_80YYqCjIh0-d5L9K9g%26cry%3D1%26dbm_d%3DAKAmf-Dn9ErNWysqZ5iMeMbi-G0Gjsgpv664SvBfogZvMxy2oNKtfCx5uaAf9Fk4GiF2JZklUcvDPM7Zs1rXh0jTS2ipuEUv2fxz30BCPVBe3sttFJam4yLtSx8bwAALpQzQFdmLHwojyGtf6YonjerlP7LyQVo0t2h1PLHXl0DigOkiUXPUPYY7ZUhMi-09MdPVcB9FAOGLGTK26UvI1uz0qWM4JI2VrD9C7-I9RoTn1e3dYiwhWs_gYtqClm4T_S2XDnHUAJDNkqeWXytr0bPS-Ctza1Z0yUOW9Mi2jYLosrAJuSdKDLu7tffdBqpL3kNaxgS6UwEoli7gtUwHB2dDzUeKcevRFIf-9LbkttWpqQSnV_Upa_dIgftVDl11UZXSjyR9ny21FlI3YXDrY6SERW-KcVOMXoHHQP18pvcxVeCyjtAXgXq3y-hfcPRdmbpbX9yXpMH8sxjs4c1MRMZ7Ysbw-kVaM1ArFDARuEiooMLSaAMQYIeAtEWeMQ5O8jHKe6-JRvHKc7GGpFWD4uSFie7Hbm45RA%26adurl%3D
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
7ce20db5c7aaf6ddebdca30ee9ec0ca76b1e317cef43ee20caeaba9800e64abd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 16:16:37 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4214
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame D84A 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
428509
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 17:14:48 GMT
expires
Thu, 16 Jan 2025 17:14:48 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
pagead2.googlesyndication.com/bg/ Frame D84A 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:17:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
482374
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19704
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 02:17:03 GMT
collect
t.clarity.ms/ 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://colunadofla.com
Date
Mon, 22 Jan 2024 16:16:37 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
request.php
hal900027.redintelligence.net/ Frame 304F
Redirect Chain
  • https://hal900027.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=d7d4da785f&subid=&uid=f0cc4bf6a8ecff1b&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900027.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=d7d4da785f&subid=&uid=f0cc4bf6a8ecff1b&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900027.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=d7d4da785f&subid=&uid=f0cc4bf6a8ecff1b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDAHR5JSuZYSlGa-h9u8Pqdy2kA6m5b2gab2TnKfJD_AuEAEgqtOMaGCVkpqCrAfIAQmpAjbE8JEfR7I-qAMByAObBKoEnwJP0GRHTKy4o3IntTYjZmcLv-NRdB5HGGIArVM03RRs5DkqNLHX-aunhHQcG5DVofoOZ5RU3QSFsRcp0kdHMDtp8h5d-mNVwJ4BgSpGXWUhnz017bRHoS2tP0ie5Gbw1uaSCv6L1oIagnVDkjuCHQQUrbrC2_q76-cs3LrDVntoWW1GbxG6HINTn5rNtesSaITLlwHS4YhT4_eBK0fHgXOYlob1fzE6SPmsJHDHRfNEP6LCkQe_EItsThhEBTquXc9QwbdL7dAytuz-RATGLrYjIMziMs8LXmgshSF-LQrZQKZEppM1GhI_k0DJoXU-1pPYBo_v6nKfmw2xNuNLlHq2c5wYX3f9B-dKA7xH1FF-IZQ2kul958VSy92GfzFVwMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliErem5svGDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPne6bmy8YMDFa-Q_QcdKa4N4rATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_RV0BhrvZWimw9WKQVGHgTiX6y4hfgvSK0ed4HargYin8aZm_23Nxh5YrQSWYc8DfyHrL3_xCCzQkpKesDvnLCoioHZCQ9JaXhxgB%26sig%3DAOD64_2588TY6D2shwvI3z07isDfkWVpEQ%26client%3Dca-pub-8170966538152543%26dbm_c%3DAKAmf-D3oao7XkxFFlsOJjEUfeTJ9jlxAYisNJcSDe8k6f6ZfTJULjc88I0PANUEHcTGBCqdifLdFglmUvDXTEXKeZal_Q2sRZ-unvH2p-NuER4pvdX4qewDph06AIhx0p3WZrxtDuF9dI4m89RWBry2Xsoy6PIHRhu9_80YYqCjIh0-d5L9K9g%26cry%3D1%26dbm_d%3DAKAmf-Dn9ErNWysqZ5iMeMbi-G0Gjsgpv664SvBfogZvMxy2oNKtfCx5uaAf9Fk4GiF2JZklUcvDPM7Zs1rXh0jTS2ipuEUv2fxz30BCPVBe3sttFJam4yLtSx8bwAALpQzQFdmLHwojyGtf6YonjerlP7LyQVo0t2h1PLHXl0DigOkiUXPUPYY7ZUhMi-09MdPVcB9FAOGLGTK26UvI1uz0qWM4JI2VrD9C7-I9RoTn1e3dYiwhWs_gYtqClm4T_S2XDnHUAJDNkqeWXytr0bPS-Ctza1Z0yUOW9Mi2jYLosrAJuSdKDLu7tffdBqpL3kNaxgS6UwEoli7gtUwHB2dDzUeKcevRFIf-9LbkttWpqQSnV_Upa_dIgftVDl11UZXSjyR9ny21FlI3YXDrY6SERW-KcVOMXoHHQP18pvcxVeCyjtAXgXq3y-hfcPRdmbpbX9yXpMH8sxjs4c1MRMZ7Ysbw-kVaM1ArFDARuEiooMLSaAMQYIeAtEWeMQ5O8jHKe6-JRvHKc7GGpFWD4uSFie7Hbm45RA%26adurl%3D&documentReferer=https%3A%2F%2Fcolunadofla.com%2F&ancestorOrigins=https%3A%2F%2Fcolunadofla.com&random=695345089873&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
5c172991c182b24f947b01b8f5af8da4be6f3eddc665b0eaa2677cc29f93247d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:37 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
48099500138177804444994012577027
Connection
close
Content-Length
1369
Expires
Mon, 22 Jan 2024 16:16:37 +0100

Redirect headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:37 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=d7d4da785f&subid=&uid=f0cc4bf6a8ecff1b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDAHR5JSuZYSlGa-h9u8Pqdy2kA6m5b2gab2TnKfJD_AuEAEgqtOMaGCVkpqCrAfIAQmpAjbE8JEfR7I-qAMByAObBKoEnwJP0GRHTKy4o3IntTYjZmcLv-NRdB5HGGIArVM03RRs5DkqNLHX-aunhHQcG5DVofoOZ5RU3QSFsRcp0kdHMDtp8h5d-mNVwJ4BgSpGXWUhnz017bRHoS2tP0ie5Gbw1uaSCv6L1oIagnVDkjuCHQQUrbrC2_q76-cs3LrDVntoWW1GbxG6HINTn5rNtesSaITLlwHS4YhT4_eBK0fHgXOYlob1fzE6SPmsJHDHRfNEP6LCkQe_EItsThhEBTquXc9QwbdL7dAytuz-RATGLrYjIMziMs8LXmgshSF-LQrZQKZEppM1GhI_k0DJoXU-1pPYBo_v6nKfmw2xNuNLlHq2c5wYX3f9B-dKA7xH1FF-IZQ2kul958VSy92GfzFVwMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliErem5svGDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPne6bmy8YMDFa-Q_QcdKa4N4rATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_RV0BhrvZWimw9WKQVGHgTiX6y4hfgvSK0ed4HargYin8aZm_23Nxh5YrQSWYc8DfyHrL3_xCCzQkpKesDvnLCoioHZCQ9JaXhxgB%26sig%3DAOD64_2588TY6D2shwvI3z07isDfkWVpEQ%26client%3Dca-pub-8170966538152543%26dbm_c%3DAKAmf-D3oao7XkxFFlsOJjEUfeTJ9jlxAYisNJcSDe8k6f6ZfTJULjc88I0PANUEHcTGBCqdifLdFglmUvDXTEXKeZal_Q2sRZ-unvH2p-NuER4pvdX4qewDph06AIhx0p3WZrxtDuF9dI4m89RWBry2Xsoy6PIHRhu9_80YYqCjIh0-d5L9K9g%26cry%3D1%26dbm_d%3DAKAmf-Dn9ErNWysqZ5iMeMbi-G0Gjsgpv664SvBfogZvMxy2oNKtfCx5uaAf9Fk4GiF2JZklUcvDPM7Zs1rXh0jTS2ipuEUv2fxz30BCPVBe3sttFJam4yLtSx8bwAALpQzQFdmLHwojyGtf6YonjerlP7LyQVo0t2h1PLHXl0DigOkiUXPUPYY7ZUhMi-09MdPVcB9FAOGLGTK26UvI1uz0qWM4JI2VrD9C7-I9RoTn1e3dYiwhWs_gYtqClm4T_S2XDnHUAJDNkqeWXytr0bPS-Ctza1Z0yUOW9Mi2jYLosrAJuSdKDLu7tffdBqpL3kNaxgS6UwEoli7gtUwHB2dDzUeKcevRFIf-9LbkttWpqQSnV_Upa_dIgftVDl11UZXSjyR9ny21FlI3YXDrY6SERW-KcVOMXoHHQP18pvcxVeCyjtAXgXq3y-hfcPRdmbpbX9yXpMH8sxjs4c1MRMZ7Ysbw-kVaM1ArFDARuEiooMLSaAMQYIeAtEWeMQ5O8jHKe6-JRvHKc7GGpFWD4uSFie7Hbm45RA%26adurl%3D&documentReferer=https%3A%2F%2Fcolunadofla.com%2F&ancestorOrigins=https%3A%2F%2Fcolunadofla.com&random=695345089873&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Mon, 22 Jan 2024 16:16:37 +0100
container.html
48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B00D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://colunadofla.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:16:33 GMT
expires
Tue, 21 Jan 2025 16:16:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame B57D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=25b9d9e9-1d95-accb-ba98-1e1a95dac902&tv=%7Bc:2300Fx,pingTime:1,time:2134,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D,%7Bpiv:58,vs:pp,r:,t:1129%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1129,n:0,pp:1005,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1125~0,0~50%5D,as:%5B1125~300.250%5D%7D%7D,%7Bsl:pp,t:1129,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:58,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1005~50%5D,as:%5B1005~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:115,fm:u26PcEG+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C193%7C194%7C1a.1874223-77019481%7C1a1%7C1a2%7C1a311%7C1b*.1350098-69352127%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e.1474271-76103297,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:18,sis:174%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:37 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel
googleads.g.doubleclick.net/xbbe/ Frame 750D 		599 B
269 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEYxIHIgQIwAQ&v=APEucNXWEhvtUoEpQaAsiPtM7ohxSXeBjj1blPVt_XOStS8q3WRrEYDGepcbgFOL78cqLZW7U6BarOnz-F28IW5F8jiCtmtOZclG2YAJ1jdX6WryOIop37N-HbROifvh7BqKQGw6Aygfs-4E6LEaTMel0KjlsCcoCBzq-s0zeoMouMwUh4rdfIHV3EM5nAKppuDK-kTrPdpA_Q1Fc5Cej31wG-u1IgIkEA
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0dcc44d0d45a79942a50f0a78ee69e380cbcd8d6c02316c2af886dc634c8997
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
246
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:16:37 GMT
expires
Mon, 22 Jan 2024 16:16:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame B00D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
78269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:32:08 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame B00D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:37:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
77929
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:37:48 GMT
view
ad.doubleclick.net/pcs/ Frame B00D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvTadydmIlQZ0DVqn2dmq18nE6AG3Nydbo55cbZEl1T_V_d37jwee6KK-P9LsnzSkmnIb0SZJV_YBhJMhKqoyIVH8PGSmdgZl1htRVjIComoVU3_E9TtIjoK9VhrgUVIYF80MloXVgmdlkojCvaJGIcn6CSO6jM0cZjKjUaFOvDlFNzTFIwWllIjt--GSEgdCeEwtr4qbTABzpy_4uMm9Wk6WKyGSj9JdS0kH26h7McRguKOk941cSrfw5WlTAvPUTJg1-1V4LgFzR-OsthOvePGKk3HLozawixyUMF0Am_hDuJ4hHBcphuHp6Ptv-aNoN9CF9ydh5_DBrP7pZUpxQPEoWU14Ji-t13Jv4DVPPXrtDqrLmGjs5fnMzDKk6iJhugz1j9Nlu3TLI3wcousWqfkvIioUj5aPtf_ERGjaoIj7VQs3FpxBPKHDd1hAhLwSqVsnzqzkV68d9IBClD_PAFxGtY0w5_ZXTL2jyzDmlVE10sGUp6nzVcc7fhb6eN6MKXE9D5szzgz-TxZqq2h_rC0nowhB_RL8ubNR0dbstFbAw9WvjFZ2YwNyti_DaEStg2vvfTHTLvTXdjCTNm5Ha_rTOM5hk6AX6S5mHUrEhC_TxBpgTLAGh8lHLyabSWIlPxrsTwoWNrwYof2eYGvuptdqqITraQAL1tQT2R75acuaR7l8G1b7vMVkSI1tnGxH_VId_MT4Xa_UoU4L_7Vn2FT95QNl_-ahpMl5YheGZD5RM04HHn6OiHB22z42u2stP-r4rGywF9ne_HudLdLtOZnjLJRlCG0GEYZquhlhHgX3aaC2rhe9BlEePclBOEU0Yx2pByj4Fph_SabXmUsFaJvR-6Mf5AqD4RhC-gWrq0PxUt1I6u9-YeewfO9AhT-Sjs8eu86lKcCq_N3kE9LQGQ7Efdn6gJR-LkRLD62TxNxBS1YuYbsfiGGzlTKoGMPpvTsSkp3qW0cXQjqS_wTv2HydCczbceL_gV7JNkWbdU-gKVpTQr6xXKQsoQcPiDejmaTWPR6salZF0OGe4OTyHAfUTmUUnjptHV3wLsuM8EFqPDrmNrAQSrpGS190FnzITs4bO7wo_xfm9KfKAu9OMd6D_RkWi27OGr7-m4wLui8fuFvIfOF_vr4Ujpn1dsEvgNx99bdSq_kx7G5MaE7BNwK36POw2HkNm56KCRAlNAJ3MW1d_xMgxrxW-3YUcSXkCfj-E0EyYM_gAcvukjPZBwGmjx_UKoFkcxXeeL3Cn7bq96cAZCr17Y_zrI0pUX3-w0GisjUMMbH_QzretjhJlZwtRiNPS9NutDa_dJEbdzoNU6Hw6-5hj8PgUAFCxTVqtQ650wAsDamz3cP7C9XH34u7lBN-kodPRBIvFcHmFiyw6keTxW9q4nRUfsCAvDhBX-Z6vREdLxZed458_uVPRzM869wNhI5yhxaFWfyKDYXPMQcgmyRz8&sai=AMfl-YT93hANIO663JkSfWRiH9qa5OFjGZje3vpVA4I0Uee2fJOnMgqg_B2uL4bedo6oxDj31Cl_GVF_63-TjF1bxl33uh5e_4YbMtt-Ql88DATc2T65DXuo8xWf-4zZ-19LndTometCWp--4WYTnCUp9cSNwYZRKNKI1SjXqm5pyeisDdoVYgoM7P0bOlPbvwiXsB5myUT7lnXKiosckFrH7FYLa9Zfji4hXTqdCVLOzbLvDT2rbmCP_RXoKFG3KLW9mY7zNXqZ5DlWpJKOHQbpPMwH4PZO-0sOD-3mBkvPxs6eI58xcVt5kWDjdSNzG37kJSzj0GcprZHpghTb3d7KTLJHOKpGOF0m-ABwLyuc6ZDjaLHh2TVSqmDjLl68eJxV5ggJF5pzl3UxXlpXUWAu19hT346qgLqvhAfiJhD6Sh5aEDPJtr-EN3-pCvT1iR8ElHfMohyNMSNklu_2pynTTn-OqFiN3wZJOFjy8onav6j_kfSjF-iy7f_1Z4WRpFMplxzsKIs&sig=Cg0ArKJSzCn4A2ySgMI1EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly92b3guZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240118.25168&arae=0&ftch=1&adurl=
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 Jan 2024 16:16:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame B00D 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 17:14:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
428509
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 17:14:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame B00D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 09:41:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
23712
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 09:41:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame B00D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:29:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
78440
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:29:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B00D 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DVaaSrZqXG02arUGYpuAWQ9XOdZ7RRHZymgnwbUidrAXYh8eipRZgZaF9QOjA1TKRZ92Mcz3b_xk9toIFEWQRlGGTcUeCRb0Ssgk1XZow6YQ5gu0g
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B00D 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 16:16:37 GMT
13160426895614636779
s0.2mdn.net/simgad/ Frame B00D 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13160426895614636779
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55ac839c18d495810e07a56d9f19fe2a37d1b776f4b40c88837a1344250f5d56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:15:19 GMT
date
Wed, 17 Jan 2024 02:15:19 GMT
x-content-type-options
nosniff
age
482478
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57103
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 09:06:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
view
ad.doubleclick.net/pcs/ Frame B00D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvTadydmIlQZ0DVqn2dmq18nE6AG3Nydbo55cbZEl1T_V_d37jwee6KK-P9LsnzSkmnIb0SZJV_YBhJMhKqoyIVH8PGSmdgZl1htRVjIComoVU3_E9TtIjoK9VhrgUVIYF80MloXVgmdlkojCvaJGIcn6CSO6jM0cZjKjUaFOvDlFNzTFIwWllIjt--GSEgdCeEwtr4qbTABzpy_4uMm9Wk6WKyGSj9JdS0kH26h7McRguKOk941cSrfw5WlTAvPUTJg1-1V4LgFzR-OsthOvePGKk3HLozawixyUMF0Am_hDuJ4hHBcphuHp6Ptv-aNoN9CF9ydh5_DBrP7pZUpxQPEoWU14Ji-t13Jv4DVPPXrtDqrLmGjs5fnMzDKk6iJhugz1j9Nlu3TLI3wcousWqfkvIioUj5aPtf_ERGjaoIj7VQs3FpxBPKHDd1hAhLwSqVsnzqzkV68d9IBClD_PAFxGtY0w5_ZXTL2jyzDmlVE10sGUp6nzVcc7fhb6eN6MKXE9D5szzgz-TxZqq2h_rC0nowhB_RL8ubNR0dbstFbAw9WvjFZ2YwNyti_DaEStg2vvfTHTLvTXdjCTNm5Ha_rTOM5hk6AX6S5mHUrEhC_TxBpgTLAGh8lHLyabSWIlPxrsTwoWNrwYof2eYGvuptdqqITraQAL1tQT2R75acuaR7l8G1b7vMVkSI1tnGxH_VId_MT4Xa_UoU4L_7Vn2FT95QNl_-ahpMl5YheGZD5RM04HHn6OiHB22z42u2stP-r4rGywF9ne_HudLdLtOZnjLJRlCG0GEYZquhlhHgX3aaC2rhe9BlEePclBOEU0Yx2pByj4Fph_SabXmUsFaJvR-6Mf5AqD4RhC-gWrq0PxUt1I6u9-YeewfO9AhT-Sjs8eu86lKcCq_N3kE9LQGQ7Efdn6gJR-LkRLD62TxNxBS1YuYbsfiGGzlTKoGMPpvTsSkp3qW0cXQjqS_wTv2HydCczbceL_gV7JNkWbdU-gKVpTQr6xXKQsoQcPiDejmaTWPR6salZF0OGe4OTyHAfUTmUUnjptHV3wLsuM8EFqPDrmNrAQSrpGS190FnzITs4bO7wo_xfm9KfKAu9OMd6D_RkWi27OGr7-m4wLui8fuFvIfOF_vr4Ujpn1dsEvgNx99bdSq_kx7G5MaE7BNwK36POw2HkNm56KCRAlNAJ3MW1d_xMgxrxW-3YUcSXkCfj-E0EyYM_gAcvukjPZBwGmjx_UKoFkcxXeeL3Cn7bq96cAZCr17Y_zrI0pUX3-w0GisjUMMbH_QzretjhJlZwtRiNPS9NutDa_dJEbdzoNU6Hw6-5hj8PgUAFCxTVqtQ650wAsDamz3cP7C9XH34u7lBN-kodPRBIvFcHmFiyw6keTxW9q4nRUfsCAvDhBX-Z6vREdLxZed458_uVPRzM869wNhI5yhxaFWfyKDYXPMQcgmyRz8&sai=AMfl-YT93hANIO663JkSfWRiH9qa5OFjGZje3vpVA4I0Uee2fJOnMgqg_B2uL4bedo6oxDj31Cl_GVF_63-TjF1bxl33uh5e_4YbMtt-Ql88DATc2T65DXuo8xWf-4zZ-19LndTometCWp--4WYTnCUp9cSNwYZRKNKI1SjXqm5pyeisDdoVYgoM7P0bOlPbvwiXsB5myUT7lnXKiosckFrH7FYLa9Zfji4hXTqdCVLOzbLvDT2rbmCP_RXoKFG3KLW9mY7zNXqZ5DlWpJKOHQbpPMwH4PZO-0sOD-3mBkvPxs6eI58xcVt5kWDjdSNzG37kJSzj0GcprZHpghTb3d7KTLJHOKpGOF0m-ABwLyuc6ZDjaLHh2TVSqmDjLl68eJxV5ggJF5pzl3UxXlpXUWAu19hT346qgLqvhAfiJhD6Sh5aEDPJtr-EN3-pCvT1iR8ElHfMohyNMSNklu_2pynTTn-OqFiN3wZJOFjy8onav6j_kfSjF-iy7f_1Z4WRpFMplxzsKIs&sig=Cg0ArKJSzCn4A2ySgMI1EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly92b3guZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=25&vt=11&dtpt=24&dett=2&cstd=0&cisv=r20240118.25168&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 53BE 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
428509
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 17:14:48 GMT
expires
Thu, 16 Jan 2025 17:14:48 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame D84A 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bqr9H5ZSuZY3NA_CnjuwPr_OdmAkAAAAAOAHgBAI&bg=!XF-lXxDNAAZVxkGXdcY7ADQBe5WfOM8kObk56MH6zfihzqJTlxYdg75sFsYq3jC0hHZV0yRBTskonUQcZs9S1xXS9EB0AgAAAFFSAAAAAmgBBwoANTXKq9HyB89ZEPvH942p7INAllol0ViBSBGupZRa0exPNFxc0394WKMRX6JA4yL9OD5NXGB-mQL-O7e0-AbQx-U-daTQ3k3UWMpEViWZUVoyCheOKQMhtCnQ2J2PeaoPzViHriAwQgZ_3HLMMrpytnV6D42pQNZeKVO29a5IXtE9fWDvNa5VsByM8j2PMRhhBluaj0ysP29Wh6aq6HXYiS9aSFHW6vVbKynvN_8KwSAshl8uQBxIuCaOUZi1nczkuJU5a9qoHExBJp6_QdzoiQbxz9VfpFOqA-JjTS_2IzlMG6EvN3YsVHebiDB_ZsGjNNgqz1M9JPpTzKg8420Uu-OM4iaf7PuoS1HSdnc41REG-BLBXuba-L68WBxUxeQSfd1zGJ7Vr5_PxcBp6wS8nnSiFsyGMTbuH5CBjcqfu8UyzTTz1s1SkFbaDb3JFWj-Ni5qR0UGLi_zqKC-RSO9KMcR2alAvS5itcaEIf3wudGzp3dLHvjOnASKUwxv-_5-kMJW1MyRBvODgdY--hfP5f8PHce1HgypNMZi3rClDY21mV821hPGHMbYZ0TmQKDLe0e_t3x6cezN6_sjmbQ7R6QTwkgiRAYcEhbc1wmVuV_HMasdJLF5wjM6av9Ev1HVcHDYZUeCt_AB4k20629le2iwYmxayL0q7BFG4hSZqPVrscCm2Ywe7Qzp9qW35ODCRQQPXYlf-1JCD4YUJsyS7lEzDQ7k_ELHogORxei9Yu-SE2mHQAU9C062dkXOdUC93m0XDAKE3BqZL2pqhcu6Kj1ajdf14jq9VzMGHSpQ9GI3Xr9CmZkl5jg2OrfdN2jhBpzH27JyLVF04kccsXde8jFfwD6fy821G6CaSj46UFhL47qj5qC-gVIpmONieEZtbWKAMYanF4jKCugEjMYMjA6rdLmvq5f5lIxIDI48D9fNuvRSoD4V84EIoa4eYkoagsPU5De_xnAIOw0ued9Jq_ki2mMlVN8IWfR2nd0ZuOljb6a95c1GUr5vcplLpmsMLjsFCkcOjbBRZMLI4zQgpkUPFkBcxqudyrchDnOw0EERIYioK__bi1eWLBcEF3JCbzzWw5x41w
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame B00D 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b27755987b778739fa8e53c14f08af5d671764324747151347b2924a72506242

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
user-registering
ads.stickyadstv.com/ Frame 750D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMmCp3KNgEr-gNj5ws9H1oI&google_cver=1
43 B
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMmCp3KNgEr-gNj5ws9H1oI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEYxIHIgQIwAQ&v=APEucNXWEhvtUoEpQaAsiPtM7ohxSXeBjj1blPVt_XOStS8q3WRrEYDGepcbgFOL78cqLZW7U6BarOnz-F28IW5F8jiCtmtOZclG2YAJ1jdX6WryOIop37N-HbROifvh7BqKQGw6Aygfs-4E6LEaTMel0KjlsCcoCBzq-s0zeoMouMwUh4rdfIHV3EM5nAKppuDK-kTrPdpA_Q1Fc5Cej31wG-u1IgIkEA
Protocol
HTTP/1.1
Server
2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:37 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1705940197413099-504

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMmCp3KNgEr-gNj5ws9H1oI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
317
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 750D
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2E5YzE5MTg0ZDVlYTA3MmY1ZTY1NTZjYzg2MjYwODM=&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2E5YzE5MTg0ZDVlYTA3MmY1ZTY1NTZjYzg2MjYwODM=&gdpr=0&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEYxIHIgQIwAQ&v=APEucNXWEhvtUoEpQaAsiPtM7ohxSXeBjj1blPVt_XOStS8q3WRrEYDGepcbgFOL78cqLZW7U6BarOnz-F28IW5F8jiCtmtOZclG2YAJ1jdX6WryOIop37N-HbROifvh7BqKQGw6Aygfs-4E6LEaTMel0KjlsCcoCBzq-s0zeoMouMwUh4rdfIHV3EM5nAKppuDK-kTrPdpA_Q1Fc5Cej31wG-u1IgIkEA
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:37 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2E5YzE5MTg0ZDVlYTA3MmY1ZTY1NTZjYzg2MjYwODM=&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1705940197442076-509
/
rtb-csync.smartadserver.com/redir/ Frame 750D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDHz4qjM1c5JBPpsRhHStY0&google_cver=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDHz4qjM1c5JBPpsRhHStY0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEYxIHIgQIwAQ&v=APEucNXWEhvtUoEpQaAsiPtM7ohxSXeBjj1blPVt_XOStS8q3WRrEYDGepcbgFOL78cqLZW7U6BarOnz-F28IW5F8jiCtmtOZclG2YAJ1jdX6WryOIop37N-HbROifvh7BqKQGw6Aygfs-4E6LEaTMel0KjlsCcoCBzq-s0zeoMouMwUh4rdfIHV3EM5nAKppuDK-kTrPdpA_Q1Fc5Cej31wG-u1IgIkEA
Protocol
HTTP/1.1
Server
5.196.111.72 Lille, France, ASN16276 (OVH, FR),
Reverse DNS
ip72.ip-5-196-111.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:37 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDHz4qjM1c5JBPpsRhHStY0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 750D 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEYxIHIgQIwAQ&v=APEucNXWEhvtUoEpQaAsiPtM7ohxSXeBjj1blPVt_XOStS8q3WRrEYDGepcbgFOL78cqLZW7U6BarOnz-F28IW5F8jiCtmtOZclG2YAJ1jdX6WryOIop37N-HbROifvh7BqKQGw6Aygfs-4E6LEaTMel0KjlsCcoCBzq-s0zeoMouMwUh4rdfIHV3EM5nAKppuDK-kTrPdpA_Q1Fc5Cej31wG-u1IgIkEA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.72 Lille, France, ASN16276 (OVH, FR),
Reverse DNS
ip72.ip-5-196-111.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:36 GMT
transfer-encoding
chunked
content-type
image/gif
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 53BE 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 10:08:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
22085
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 10:08:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 53BE 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BUzpc5JSuZcufNIKG7_UP_-qm8A8AAAAAOAHgBAI&bg=!W1ilWBfNAAa8BdJLnAU7ADQBe5WfOCcJpEYOCbSCQNK3SQMEmVfQORkh6Cwv45TIW7oYJjj3hopMTM8U2nzFv5oKBe7qAgAAADdSAAAAAmgBB5kDDAHvrCuauqb1axrMOk8CCN3kv5hkwhLFfz01DxcxtUgq62E3k9VU5C90AHSpu3mU4DyYgnJCUyItGCOsbPKXnJ6p3J7RzWenpse_SlckYhJuvdPDRWmZCuJrc5VFZ2M7vi9OOF2UKwVx8AKQKpzP0I6n_gvm3a8WqRdxTnfzUnxjnF5ABFlc0Li0Y7GdLEJQBvPRXTG7B60UgnWELtobnDNQM9PgS2ac3VtfRCCjS0y4cf3YpudyIw4sZal7ol-dTehnhjnF73GymboPhy2ebd9x5_ZsuO7RHfKbgbOBqGO4dTw4bHUi0rBUTwEdDQXy0u82NmepIbfoA5CViiUmrFJWVEGjnVdl0LXq7rtozUX8xpl_nFZmHCD2khsN1kMBBXLDyBy0TzMdUVwjHJNOytL03ZxoFeaWd-TDdK15OxiF7980qjQkJRHKPYlssGB5s7lNrvfYLkTe-mPs69wYMBu6RS5WWH9Ikex4Q--1dDYQNEQahAl43IBfBmfRQWhQqIDhkMVom3BZh7z80bm4idUUnT4Q6ZmVzp6Xa7FHsWJpTFPm2m4ZhzqAu2gLFlege3ZIws6qo8qq-LlK8WBZ4nM70PNgC9ECDad9XeC0Ay4xrLakg4Lv6iBi_iLGRXBErXjmTz3M6paXq2UfKFePMKb6RtMvr7_Q7vDBb0sfqZXc8cTWL28umFNAPPaEQvl7oXYfDbvGnSsJ0jBti_a-78pcUWeCUIBJvD3WdMcB4LPSJNLlJNZxSG3z3F8hacK9iHDCq_jVDYruC70xND7uMwH6ayAXJgaIOVMAU3t8bsRen88wGOaLwlerUtH0I9qLmfQyTUUpzD07au_Cl_n9kKOknpytuf6oEveZdhNDGZ6_WfN_txrZQx3orR53-BgGl7nrbn5NRsn3INcdGhOhgQKRYNamm5KkxOVjosucz2cah_R-jdG9B9p0XSEKknNYnwDCI_ZHgLPKYZGnTdH2jxO7a0JH4AbtvXqc0_JkCbG_PRRPN7rQ8LtWqdNAW4fdm0_vVLu_2I63aM-cSw
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adv.office-partner.de/ Frame 4A01 		930 B
923 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=d7d4da785f&subid=&uid=f0cc4bf6a8ecff1b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDAHR5JSuZYSlGa-h9u8Pqdy2kA6m5b2gab2TnKfJD_AuEAEgqtOMaGCVkpqCrAfIAQmpAjbE8JEfR7I-qAMByAObBKoEnwJP0GRHTKy4o3IntTYjZmcLv-NRdB5HGGIArVM03RRs5DkqNLHX-aunhHQcG5DVofoOZ5RU3QSFsRcp0kdHMDtp8h5d-mNVwJ4BgSpGXWUhnz017bRHoS2tP0ie5Gbw1uaSCv6L1oIagnVDkjuCHQQUrbrC2_q76-cs3LrDVntoWW1GbxG6HINTn5rNtesSaITLlwHS4YhT4_eBK0fHgXOYlob1fzE6SPmsJHDHRfNEP6LCkQe_EItsThhEBTquXc9QwbdL7dAytuz-RATGLrYjIMziMs8LXmgshSF-LQrZQKZEppM1GhI_k0DJoXU-1pPYBo_v6nKfmw2xNuNLlHq2c5wYX3f9B-dKA7xH1FF-IZQ2kul958VSy92GfzFVwMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliErem5svGDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPne6bmy8YMDFa-Q_QcdKa4N4rATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_RV0BhrvZWimw9WKQVGHgTiX6y4hfgvSK0ed4HargYin8aZm_23Nxh5YrQSWYc8DfyHrL3_xCCzQkpKesDvnLCoioHZCQ9JaXhxgB%26sig%3DAOD64_2588TY6D2shwvI3z07isDfkWVpEQ%26client%3Dca-pub-8170966538152543%26dbm_c%3DAKAmf-D3oao7XkxFFlsOJjEUfeTJ9jlxAYisNJcSDe8k6f6ZfTJULjc88I0PANUEHcTGBCqdifLdFglmUvDXTEXKeZal_Q2sRZ-unvH2p-NuER4pvdX4qewDph06AIhx0p3WZrxtDuF9dI4m89RWBry2Xsoy6PIHRhu9_80YYqCjIh0-d5L9K9g%26cry%3D1%26dbm_d%3DAKAmf-Dn9ErNWysqZ5iMeMbi-G0Gjsgpv664SvBfogZvMxy2oNKtfCx5uaAf9Fk4GiF2JZklUcvDPM7Zs1rXh0jTS2ipuEUv2fxz30BCPVBe3sttFJam4yLtSx8bwAALpQzQFdmLHwojyGtf6YonjerlP7LyQVo0t2h1PLHXl0DigOkiUXPUPYY7ZUhMi-09MdPVcB9FAOGLGTK26UvI1uz0qWM4JI2VrD9C7-I9RoTn1e3dYiwhWs_gYtqClm4T_S2XDnHUAJDNkqeWXytr0bPS-Ctza1Z0yUOW9Mi2jYLosrAJuSdKDLu7tffdBqpL3kNaxgS6UwEoli7gtUwHB2dDzUeKcevRFIf-9LbkttWpqQSnV_Upa_dIgftVDl11UZXSjyR9ny21FlI3YXDrY6SERW-KcVOMXoHHQP18pvcxVeCyjtAXgXq3y-hfcPRdmbpbX9yXpMH8sxjs4c1MRMZ7Ysbw-kVaM1ArFDARuEiooMLSaAMQYIeAtEWeMQ5O8jHKe6-JRvHKc7GGpFWD4uSFie7Hbm45RA%26adurl%3D&documentReferer=https%3A%2F%2Fcolunadofla.com%2F&ancestorOrigins=https%3A%2F%2Fcolunadofla.com&random=695345089873&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Mon, 22 Jan 2024 16:16:37 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Mon, 29 Jan 2024 16:16:37 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame 1419 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=48099500138177804444994012577027&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=d7d4da785f&subid=&uid=f0cc4bf6a8ecff1b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDAHR5JSuZYSlGa-h9u8Pqdy2kA6m5b2gab2TnKfJD_AuEAEgqtOMaGCVkpqCrAfIAQmpAjbE8JEfR7I-qAMByAObBKoEnwJP0GRHTKy4o3IntTYjZmcLv-NRdB5HGGIArVM03RRs5DkqNLHX-aunhHQcG5DVofoOZ5RU3QSFsRcp0kdHMDtp8h5d-mNVwJ4BgSpGXWUhnz017bRHoS2tP0ie5Gbw1uaSCv6L1oIagnVDkjuCHQQUrbrC2_q76-cs3LrDVntoWW1GbxG6HINTn5rNtesSaITLlwHS4YhT4_eBK0fHgXOYlob1fzE6SPmsJHDHRfNEP6LCkQe_EItsThhEBTquXc9QwbdL7dAytuz-RATGLrYjIMziMs8LXmgshSF-LQrZQKZEppM1GhI_k0DJoXU-1pPYBo_v6nKfmw2xNuNLlHq2c5wYX3f9B-dKA7xH1FF-IZQ2kul958VSy92GfzFVwMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliErem5svGDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPne6bmy8YMDFa-Q_QcdKa4N4rATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_RV0BhrvZWimw9WKQVGHgTiX6y4hfgvSK0ed4HargYin8aZm_23Nxh5YrQSWYc8DfyHrL3_xCCzQkpKesDvnLCoioHZCQ9JaXhxgB%26sig%3DAOD64_2588TY6D2shwvI3z07isDfkWVpEQ%26client%3Dca-pub-8170966538152543%26dbm_c%3DAKAmf-D3oao7XkxFFlsOJjEUfeTJ9jlxAYisNJcSDe8k6f6ZfTJULjc88I0PANUEHcTGBCqdifLdFglmUvDXTEXKeZal_Q2sRZ-unvH2p-NuER4pvdX4qewDph06AIhx0p3WZrxtDuF9dI4m89RWBry2Xsoy6PIHRhu9_80YYqCjIh0-d5L9K9g%26cry%3D1%26dbm_d%3DAKAmf-Dn9ErNWysqZ5iMeMbi-G0Gjsgpv664SvBfogZvMxy2oNKtfCx5uaAf9Fk4GiF2JZklUcvDPM7Zs1rXh0jTS2ipuEUv2fxz30BCPVBe3sttFJam4yLtSx8bwAALpQzQFdmLHwojyGtf6YonjerlP7LyQVo0t2h1PLHXl0DigOkiUXPUPYY7ZUhMi-09MdPVcB9FAOGLGTK26UvI1uz0qWM4JI2VrD9C7-I9RoTn1e3dYiwhWs_gYtqClm4T_S2XDnHUAJDNkqeWXytr0bPS-Ctza1Z0yUOW9Mi2jYLosrAJuSdKDLu7tffdBqpL3kNaxgS6UwEoli7gtUwHB2dDzUeKcevRFIf-9LbkttWpqQSnV_Upa_dIgftVDl11UZXSjyR9ny21FlI3YXDrY6SERW-KcVOMXoHHQP18pvcxVeCyjtAXgXq3y-hfcPRdmbpbX9yXpMH8sxjs4c1MRMZ7Ysbw-kVaM1ArFDARuEiooMLSaAMQYIeAtEWeMQ5O8jHKe6-JRvHKc7GGpFWD4uSFie7Hbm45RA%26adurl%3D&documentReferer=https%3A%2F%2Fcolunadofla.com%2F&ancestorOrigins=https%3A%2F%2Fcolunadofla.com&random=695345089873&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Mon, 22 Jan 2024 16:16:38 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
vary
Origin
htlp
futalis.de/ Frame A003
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=48099500138177804444994012577027&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3480009841
350 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3480009841
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=d7d4da785f&subid=&uid=f0cc4bf6a8ecff1b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDAHR5JSuZYSlGa-h9u8Pqdy2kA6m5b2gab2TnKfJD_AuEAEgqtOMaGCVkpqCrAfIAQmpAjbE8JEfR7I-qAMByAObBKoEnwJP0GRHTKy4o3IntTYjZmcLv-NRdB5HGGIArVM03RRs5DkqNLHX-aunhHQcG5DVofoOZ5RU3QSFsRcp0kdHMDtp8h5d-mNVwJ4BgSpGXWUhnz017bRHoS2tP0ie5Gbw1uaSCv6L1oIagnVDkjuCHQQUrbrC2_q76-cs3LrDVntoWW1GbxG6HINTn5rNtesSaITLlwHS4YhT4_eBK0fHgXOYlob1fzE6SPmsJHDHRfNEP6LCkQe_EItsThhEBTquXc9QwbdL7dAytuz-RATGLrYjIMziMs8LXmgshSF-LQrZQKZEppM1GhI_k0DJoXU-1pPYBo_v6nKfmw2xNuNLlHq2c5wYX3f9B-dKA7xH1FF-IZQ2kul958VSy92GfzFVwMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliErem5svGDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPne6bmy8YMDFa-Q_QcdKa4N4rATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_RV0BhrvZWimw9WKQVGHgTiX6y4hfgvSK0ed4HargYin8aZm_23Nxh5YrQSWYc8DfyHrL3_xCCzQkpKesDvnLCoioHZCQ9JaXhxgB%26sig%3DAOD64_2588TY6D2shwvI3z07isDfkWVpEQ%26client%3Dca-pub-8170966538152543%26dbm_c%3DAKAmf-D3oao7XkxFFlsOJjEUfeTJ9jlxAYisNJcSDe8k6f6ZfTJULjc88I0PANUEHcTGBCqdifLdFglmUvDXTEXKeZal_Q2sRZ-unvH2p-NuER4pvdX4qewDph06AIhx0p3WZrxtDuF9dI4m89RWBry2Xsoy6PIHRhu9_80YYqCjIh0-d5L9K9g%26cry%3D1%26dbm_d%3DAKAmf-Dn9ErNWysqZ5iMeMbi-G0Gjsgpv664SvBfogZvMxy2oNKtfCx5uaAf9Fk4GiF2JZklUcvDPM7Zs1rXh0jTS2ipuEUv2fxz30BCPVBe3sttFJam4yLtSx8bwAALpQzQFdmLHwojyGtf6YonjerlP7LyQVo0t2h1PLHXl0DigOkiUXPUPYY7ZUhMi-09MdPVcB9FAOGLGTK26UvI1uz0qWM4JI2VrD9C7-I9RoTn1e3dYiwhWs_gYtqClm4T_S2XDnHUAJDNkqeWXytr0bPS-Ctza1Z0yUOW9Mi2jYLosrAJuSdKDLu7tffdBqpL3kNaxgS6UwEoli7gtUwHB2dDzUeKcevRFIf-9LbkttWpqQSnV_Upa_dIgftVDl11UZXSjyR9ny21FlI3YXDrY6SERW-KcVOMXoHHQP18pvcxVeCyjtAXgXq3y-hfcPRdmbpbX9yXpMH8sxjs4c1MRMZ7Ysbw-kVaM1ArFDARuEiooMLSaAMQYIeAtEWeMQ5O8jHKe6-JRvHKc7GGpFWD4uSFie7Hbm45RA%26adurl%3D&documentReferer=https%3A%2F%2Fcolunadofla.com%2F&ancestorOrigins=https%3A%2F%2Fcolunadofla.com&random=695345089873&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-3.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Mon, 22 Jan 2024 16:16:37 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3480009841
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
link.html
track.webgains.com/ Frame 304F 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=48099500138177804444994012577027&nw=1
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.201.144 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-201-144.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c7820e413e62717ba5ace6c8a5cb16e1ad5afc719ddf5faacb1838d636822ccd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:37 GMT
last-modified
Mon, 22 Jan 2024 16:16:37 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Mon, 22 Jan 2024 16:17:37 GMT
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame 304F 		0
326 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=48099500138177804444994012577027&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=d7d4da785f&subid=&uid=f0cc4bf6a8ecff1b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDAHR5JSuZYSlGa-h9u8Pqdy2kA6m5b2gab2TnKfJD_AuEAEgqtOMaGCVkpqCrAfIAQmpAjbE8JEfR7I-qAMByAObBKoEnwJP0GRHTKy4o3IntTYjZmcLv-NRdB5HGGIArVM03RRs5DkqNLHX-aunhHQcG5DVofoOZ5RU3QSFsRcp0kdHMDtp8h5d-mNVwJ4BgSpGXWUhnz017bRHoS2tP0ie5Gbw1uaSCv6L1oIagnVDkjuCHQQUrbrC2_q76-cs3LrDVntoWW1GbxG6HINTn5rNtesSaITLlwHS4YhT4_eBK0fHgXOYlob1fzE6SPmsJHDHRfNEP6LCkQe_EItsThhEBTquXc9QwbdL7dAytuz-RATGLrYjIMziMs8LXmgshSF-LQrZQKZEppM1GhI_k0DJoXU-1pPYBo_v6nKfmw2xNuNLlHq2c5wYX3f9B-dKA7xH1FF-IZQ2kul958VSy92GfzFVwMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliErem5svGDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPne6bmy8YMDFa-Q_QcdKa4N4rATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_RV0BhrvZWimw9WKQVGHgTiX6y4hfgvSK0ed4HargYin8aZm_23Nxh5YrQSWYc8DfyHrL3_xCCzQkpKesDvnLCoioHZCQ9JaXhxgB%26sig%3DAOD64_2588TY6D2shwvI3z07isDfkWVpEQ%26client%3Dca-pub-8170966538152543%26dbm_c%3DAKAmf-D3oao7XkxFFlsOJjEUfeTJ9jlxAYisNJcSDe8k6f6ZfTJULjc88I0PANUEHcTGBCqdifLdFglmUvDXTEXKeZal_Q2sRZ-unvH2p-NuER4pvdX4qewDph06AIhx0p3WZrxtDuF9dI4m89RWBry2Xsoy6PIHRhu9_80YYqCjIh0-d5L9K9g%26cry%3D1%26dbm_d%3DAKAmf-Dn9ErNWysqZ5iMeMbi-G0Gjsgpv664SvBfogZvMxy2oNKtfCx5uaAf9Fk4GiF2JZklUcvDPM7Zs1rXh0jTS2ipuEUv2fxz30BCPVBe3sttFJam4yLtSx8bwAALpQzQFdmLHwojyGtf6YonjerlP7LyQVo0t2h1PLHXl0DigOkiUXPUPYY7ZUhMi-09MdPVcB9FAOGLGTK26UvI1uz0qWM4JI2VrD9C7-I9RoTn1e3dYiwhWs_gYtqClm4T_S2XDnHUAJDNkqeWXytr0bPS-Ctza1Z0yUOW9Mi2jYLosrAJuSdKDLu7tffdBqpL3kNaxgS6UwEoli7gtUwHB2dDzUeKcevRFIf-9LbkttWpqQSnV_Upa_dIgftVDl11UZXSjyR9ny21FlI3YXDrY6SERW-KcVOMXoHHQP18pvcxVeCyjtAXgXq3y-hfcPRdmbpbX9yXpMH8sxjs4c1MRMZ7Ysbw-kVaM1ArFDARuEiooMLSaAMQYIeAtEWeMQ5O8jHKe6-JRvHKc7GGpFWD4uSFie7Hbm45RA%26adurl%3D&documentReferer=https%3A%2F%2Fcolunadofla.com%2F&ancestorOrigins=https%3A%2F%2Fcolunadofla.com&random=695345089873&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:38 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
0
proxy-host
pv.medialead.de
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 304F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=48099500138177804444994012577027&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=d7d4da785f&subid=&uid=f0cc4bf6a8ecff1b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDAHR5JSuZYSlGa-h9u8Pqdy2kA6m5b2gab2TnKfJD_AuEAEgqtOMaGCVkpqCrAfIAQmpAjbE8JEfR7I-qAMByAObBKoEnwJP0GRHTKy4o3IntTYjZmcLv-NRdB5HGGIArVM03RRs5DkqNLHX-aunhHQcG5DVofoOZ5RU3QSFsRcp0kdHMDtp8h5d-mNVwJ4BgSpGXWUhnz017bRHoS2tP0ie5Gbw1uaSCv6L1oIagnVDkjuCHQQUrbrC2_q76-cs3LrDVntoWW1GbxG6HINTn5rNtesSaITLlwHS4YhT4_eBK0fHgXOYlob1fzE6SPmsJHDHRfNEP6LCkQe_EItsThhEBTquXc9QwbdL7dAytuz-RATGLrYjIMziMs8LXmgshSF-LQrZQKZEppM1GhI_k0DJoXU-1pPYBo_v6nKfmw2xNuNLlHq2c5wYX3f9B-dKA7xH1FF-IZQ2kul958VSy92GfzFVwMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliErem5svGDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPne6bmy8YMDFa-Q_QcdKa4N4rATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_RV0BhrvZWimw9WKQVGHgTiX6y4hfgvSK0ed4HargYin8aZm_23Nxh5YrQSWYc8DfyHrL3_xCCzQkpKesDvnLCoioHZCQ9JaXhxgB%26sig%3DAOD64_2588TY6D2shwvI3z07isDfkWVpEQ%26client%3Dca-pub-8170966538152543%26dbm_c%3DAKAmf-D3oao7XkxFFlsOJjEUfeTJ9jlxAYisNJcSDe8k6f6ZfTJULjc88I0PANUEHcTGBCqdifLdFglmUvDXTEXKeZal_Q2sRZ-unvH2p-NuER4pvdX4qewDph06AIhx0p3WZrxtDuF9dI4m89RWBry2Xsoy6PIHRhu9_80YYqCjIh0-d5L9K9g%26cry%3D1%26dbm_d%3DAKAmf-Dn9ErNWysqZ5iMeMbi-G0Gjsgpv664SvBfogZvMxy2oNKtfCx5uaAf9Fk4GiF2JZklUcvDPM7Zs1rXh0jTS2ipuEUv2fxz30BCPVBe3sttFJam4yLtSx8bwAALpQzQFdmLHwojyGtf6YonjerlP7LyQVo0t2h1PLHXl0DigOkiUXPUPYY7ZUhMi-09MdPVcB9FAOGLGTK26UvI1uz0qWM4JI2VrD9C7-I9RoTn1e3dYiwhWs_gYtqClm4T_S2XDnHUAJDNkqeWXytr0bPS-Ctza1Z0yUOW9Mi2jYLosrAJuSdKDLu7tffdBqpL3kNaxgS6UwEoli7gtUwHB2dDzUeKcevRFIf-9LbkttWpqQSnV_Upa_dIgftVDl11UZXSjyR9ny21FlI3YXDrY6SERW-KcVOMXoHHQP18pvcxVeCyjtAXgXq3y-hfcPRdmbpbX9yXpMH8sxjs4c1MRMZ7Ysbw-kVaM1ArFDARuEiooMLSaAMQYIeAtEWeMQ5O8jHKe6-JRvHKc7GGpFWD4uSFie7Hbm45RA%26adurl%3D&documentReferer=https%3A%2F%2Fcolunadofla.com%2F&ancestorOrigins=https%3A%2F%2Fcolunadofla.com&random=695345089873&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
gtm.js
www.googletagmanager.com/ Frame 4A01 		179 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d51b5ca6ac911eaf609785c23cbf8db3111386132555995d7edac30ee28ed774
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65232
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 Jan 2024 16:16:37 GMT
js
www.googletagmanager.com/gtag/ Frame 4A01 		276 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a9d0bdccf251b58716ddd7fee8c65b66ebcded9bdb0e6c8247d6dd010a8a0106
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93297
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 Jan 2024 16:16:37 GMT
pvClk.min.js
analytics.webgains.io/ Frame 304F 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=48099500138177804444994012577027&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-16.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 05:23:26 GMT
content-encoding
gzip
via
1.1 7245e91891539560c1f484b1e46159c8.cloudfront.net (CloudFront)
last-modified
Thu, 11 Jan 2024 16:01:13 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
age
39192
x-amz-server-side-encryption
AES256
etag
W/"1885e2f5560c2347761a6db4984ea717"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
7bp9AqSwGwCXxFh0TozvrOwR8DQ5m6c9F3-ns19Hhi7om0nWQmyr-A==
1x1.gif
cdn.track.production.webgains.team/7121/ Frame 304F 		85 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1705940497&Signature=mqKJk9yST0FxLiCGVUJdPNV6VmmTeOll4n0haVAvNB-~qFd8aS0le0xhANXWgCv677R6xcGk1wM2mcKqOnbkRU6deJUpoQGMDmL1ohn11aEVfQ9EcRnbTs-mYWsQxB45sdz1wuy5YoVEZypiHYvNvEPHHt5yX8~iXiIxKmEoBTGTVAb7jFnfKViTTQ2vDUByyOcB7P67rtYaDZkv5T5Gfe-jHiujMQQWpXOzExtuhD36KuQ9QrUqV1fSPffUr~poy9BH5ESqT581tTt6Vx~~D~UHfAqJJj5DVBV12hKuaRW7FHAFSNNryIJs1qIvGHiOHEuSUuZavtkIwSGgPOlgvw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-76.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 22 Jan 2024 09:26:15 GMT
via
1.1 179ba4c3ce59451c080c2ed7517bcb96.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P1
age
24657
etag
"70af33d70b6810475aae19743c8c435b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
85
x-amz-cf-id
eSQgdfsQhGGTO6zaSkEZYmvEnPggPL9UjnAwE46Tmbn8A8_N9xaSrg==
ts.js
cdn.retailads.net/ Frame A003 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3480009841
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:37 GMT
last-modified
Wed, 05 Apr 2023 20:14:46 GMT
server
Apache
etag
"1416-5f89c717cdc2f"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5142
11822513
api.attentionxyz.com/api/event/ Frame 4C61 		2 B
17 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.attentionxyz.com/api/event/11822513
Requested by
Host: attentionxyz.com
URL: https://attentionxyz.com/160-3c6e1570/amt.js?tagLabel=Dept_Agency_cm360&attrAdvertiser=11822513&attrCampaign=31208750&attrSite=7847497&attrPlacement=385568821&attrCreative=208026589&attrAd=576600420&attr1=%edclid!&attr2=j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.222.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.222.117.34.bc.googleusercontent.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accepts
application/json
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Amt-Event
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJhbXQtcHJvZCJ9.8dotrQPk6rXdTZUfYiTmmCx3BKBZ0ngS9huOY_9Rk9s
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 Jan 2024 16:16:37 GMT
via
1.1 google
vary
Origin
content-type
text/html
access-control-allow-origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
11822513
api.attentionxyz.com/api/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.attentionxyz.com/api/event/11822513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.222.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.222.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
accepts,amt-event,content-type
Access-Control-Request-Method
POST
Origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accepts,amt-event,content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 22 Jan 2024 16:16:37 GMT
vary
Origin, Access-Control-Request-Headers
via
1.1 google
activityi;dc_pre=CMrhlLyy8YMDFR1LHgIdawYGLw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5507977492695.828
5994599.fls.doubleclick.net/ Frame 4952
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5507977492695.828?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CMrhlLyy8YMDFR1LHgIdawYGLw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5507977492695.828?
391 B
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMrhlLyy8YMDFR1LHgIdawYGLw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5507977492695.828?
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f6.1e100.net
Software
cafe /
Resource Hash
6546af074ffdf078d2767a671778e74def5d9e5f6fe0f768607ee7cd7d10f2aa
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
218
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:16:38 GMT
expires
Mon, 22 Jan 2024 16:16:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:16:38 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMrhlLyy8YMDFR1LHgIdawYGLw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5507977492695.828?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900027.redintelligence.net/ Frame 91A3 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900027.redintelligence.net/request_content.php?s=48099500138177804444994012577027&a=626c46bc
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
0deaa650a7fe01f8a6a7e08269022e8db0b67c19c3137a734dab508726fe4590

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2125
Content-Type
text/html; charset=utf-8
Date
Mon, 22 Jan 2024 16:16:38 GMT
Expires
Mon, 22 Jan 2024 16:16:38 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
truncated
/ Frame 304F 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6483497030d8a8a867ad8d73741e2ef5db405364ac86a2c28bc93f39aa6f1cf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame 5422 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=dcc17185-d318-4fed-4bef-e2516e11c71d&tv=%7Bc:2300TQ,pingTime:1,time:2521,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:12%7D,%7Bpiv:100,vs:i,r:,t:1499%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1022,o:1499,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1494~0,0~100%5D,as:%5B1494~970.90%5D%7D%7D,%7Bsl:i,t:1499,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1022~100%5D,as:%5B1022~970.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:115,fm:u26PcEG+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C193%7C194%7C1a.1874223-77019481%7C1a1%7C1a2%7C1a31%7C1b.1350098-69352127%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d1%7C1d2%7C1e*.1474271-76103297%7C1e1,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:13,sis:282%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:38 GMT
server
nginx
x-server-name
dt24.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 5422 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=dcc17185-d318-4fed-4bef-e2516e11c71d&tv=%7Bc:2300TQ,pingTime:1,time:2521,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:12%7D,%7Bpiv:100,vs:i,r:,t:1499%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1022,o:1499,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1494~0,0~100%5D,as:%5B1494~970.90%5D%7D%7D,%7Bsl:i,t:1499,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1022~100%5D,as:%5B1022~970.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:115,fm:u26PcEG+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C193%7C194%7C1a.1874223-77019481%7C1a1%7C1a2%7C1a31%7C1b.1350098-69352127%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d1%7C1d2%7C1e*.1474271-76103297%7C1e1,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:13,sis:282%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:38 GMT
server
nginx
x-server-name
dt25.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
css
fonts.googleapis.com/ Frame 91A3 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=48099500138177804444994012577027&a=626c46bc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900027.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 16:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 14:18:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jan 2024 16:16:38 GMT
/
hal9000.redintelligence.net/scale/ Frame 91A3 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=48099500138177804444994012577027&a=626c46bc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
b34944bed035257d12c44baa3ff066dbb6589fdb89870724d3105c6f9633227b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900027.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 16:16:38 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16513
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 91A3 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=48099500138177804444994012577027&a=626c46bc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
0ba0d95f6584fe1c04215b4aa924eb21b06e7d7c13ed6aa4f3a18efafd01df89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900027.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 16:16:38 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16982
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 91A3 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=48099500138177804444994012577027&a=626c46bc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
a31245a86f3d29f88e77afd309ae08f9ae63760d29772bc405fb269f743a470d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900027.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 16:16:38 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
12994
Vary
Accept-Encoding
Content-Type
image/png
viewability
hal900027.redintelligence.net/ Frame 91A3 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900027.redintelligence.net/viewability?s=48099500138177804444994012577027&a=f9dd4c60&vb=m
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=48099500138177804444994012577027&a=626c46bc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900027.redintelligence.net/request_content.php?s=48099500138177804444994012577027&a=626c46bc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 16:16:38 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 91A3 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900027.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 08:36:49 GMT
x-content-type-options
nosniff
age
459589
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 08:36:49 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 91A3 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900027.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 00:04:46 GMT
x-content-type-options
nosniff
age
231112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Jan 2025 00:04:46 GMT
dc_pre=CMrhlLyy8YMDFR1LHgIdawYGLw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5507977492695.828
adservice.google.com/ddm/fls/z/ Frame 4952 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CMrhlLyy8YMDFR1LHgIdawYGLw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5507977492695.828
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMrhlLyy8YMDFR1LHgIdawYGLw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5507977492695.828?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame 304F 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.214.132 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-214-132.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 Jan 2024 16:16:38 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.214.132 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-214-132.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Mon, 22 Jan 2024 16:16:38 GMT
server
nginx
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-K5T6DQS0LR&gtm=45je41h0v878194228&_p=1705940191534&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1599854402.1705940192&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1705940191&sct=1&seg=0&dl=https%3A%2F%2Fcolunadofla.com%2F&dt=Flamengo%20%7C%20Not%C3%ADcias%2C%20jogos%20e%20v%C3%ADdeos&_s=3&tfd=9033
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K5T6DQS0LR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2A88 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CiSzc45SuZY38FcHd1PIPqcSfkAupjsflcuDWzamNEsCNtwEQASAAYJWqs4LAB4IBHWNhLXZpZGVvLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEF4AIAqAMBmAQAqgSgAk_QrLZrbWpJkjHDvR0waejsxaK9_H0yG_58g3LnAlvax-lKhFGJM1N5e1HeGA-1ZMy6yQWoeftgRYQooQYoCn3MTHTSDrQO4h5vpkl_WQdkhhLgDDOih8O4GWIuDGKPNTaSjTI2ZHwKNLBx02RvFKVu78kxAP4klLgPakUWJ77JQSQziKaUHp9lpLUWR76SQNhtfdDsz5ks4nj7_q74_sLO7PKj9M_9dpTO4NpCgLda_zbR8eacZ2-V39V-nYtf_PY31BUOEsIqoEIJktAGyPqs5_WN99gRrinJvrqHrjVDGUy_h0GFvAgS3W6qZkRzLbms64_cylUU00t_cQEEApwVoE7NmSNlqR1-74OHK85ixPqnexHdEeNFo10u9-Z8vOAEAYAGj_2K-qPj1a9WoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIH05rqy8YMD-gsCCAGADAHiDRMIuLrnurLxgwMVwS5VCB0p4gey0BUBgBcB&sigh=0tSNIJZcia4&label=videoplaytime25&ad_mt=0&sdkv=h.3.613.0&vci=CosBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoLQWRTZW5zZS9BZFggBCoTNjIyMzc4ODk4MDI5MTQxOTc5MUDBBFIiEAQlAAAgQSgBOgd1bmtub3duQgd1bmtub3duSPcBUABgAloiZG91YmxlY2xpY2tieWdvb2dsZS5jb20tb21pZC12aWRlbxgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 304F 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9595364795348&version=m202309260101&ct=77&x=1&cor=3181488269748385300
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
11822513
api.attentionxyz.com/api/event/ Frame 4C61 		2 B
17 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.attentionxyz.com/api/event/11822513
Requested by
Host: attentionxyz.com
URL: https://attentionxyz.com/160-3c6e1570/amt.js?tagLabel=Dept_Agency_cm360&attrAdvertiser=11822513&attrCampaign=31208750&attrSite=7847497&attrPlacement=385568821&attrCreative=208026589&attrAd=576600420&attr1=%edclid!&attr2=j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.222.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.222.117.34.bc.googleusercontent.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accepts
application/json
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Amt-Event
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJhbXQtcHJvZCJ9.8dotrQPk6rXdTZUfYiTmmCx3BKBZ0ngS9huOY_9Rk9s
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 Jan 2024 16:16:40 GMT
via
1.1 google
vary
Origin
content-type
text/html
access-control-allow-origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
11822513
api.attentionxyz.com/api/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.attentionxyz.com/api/event/11822513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.222.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.222.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
accepts,amt-event,content-type
Access-Control-Request-Method
POST
Origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accepts,amt-event,content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 22 Jan 2024 16:16:40 GMT
vary
Origin, Access-Control-Request-Headers
via
1.1 google
dt
dt.adsafeprotected.com/ Frame E7D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=e6e6cb43-d112-5d96-5a03-45b5fbae2e9d&tv=%7Bc:2301ym,pingTime:5,time:6068,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:11%7D,%7Bpiv:100,vs:i,r:,t:1068%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5000,o:1068,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1063~0,0~100%5D,as:%5B1063~300.250%5D%7D%7D,%7Bsl:i,t:1068,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:115,fm:u26PcEG+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C19%7C1a*.1874223-77019481%7C1a1%7C1a2%7C1a3%7C1b.1350098-69352127%7C1e.1474271-76103297,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:12,sis:162%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:40 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame E7D8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=e6e6cb43-d112-5d96-5a03-45b5fbae2e9d&tv=%7Bc:2301yn,pingTime:5,time:6069,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:11%7D,%7Bpiv:100,vs:i,r:,t:1068%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1068,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1063~0,0~100%5D,as:%5B1063~300.250%5D%7D%7D,%7Bsl:i,t:1068,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:115,fm:u26PcEG+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C19%7C1a*.1874223-77019481%7C1a1%7C1a2%7C1a3%7C1b.1350098-69352127%7C1e.1474271-76103297,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:12,sis:162%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:40 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
b1t-eudc1.zemanta.com/t/video/midpoint/S5X5ZPWQJEWLXQXWO376MD7XHY53UNQVDRN2VBMELMPYZH3BILSR4A73GIYTASXNW5FZWL2LP4U7LASSKOVBI3K27XA4GW7XBMYZPY4MF27OQKHD3NWT6MMHHVMLQJLPN2HNCHB75ODDQBAIX56NNXVTS3W6PX... Frame 2A88 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-eudc1.zemanta.com/t/video/midpoint/S5X5ZPWQJEWLXQXWO376MD7XHY53UNQVDRN2VBMELMPYZH3BILSR4A73GIYTASXNW5FZWL2LP4U7LASSKOVBI3K27XA4GW7XBMYZPY4MF27OQKHD3NWT6MMHHVMLQJLPN2HNCHB75ODDQBAIX56NNXVTS3W6PXSGTNEVB6YPOX2JCRRQIRN7AULALBVMSZWEONIMHVCYR656QI7GDGREJ5LHSZD6XJTKAUYBHFLWJAT33VOTOU2DLY2D2SJ7FZM5RIK22NXYZ4EAQFKCQU2WUJZJDS3MUZP5S36XRS6RHPBE4Z5BUWVAL55POL76AYID7R7BSFHJUPWJQEPXPURBANLMD2775WC3BNOKAPAM6BSISWEVHBCYSZHEUEYNIOYY/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 16:16:41 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2A88 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CiSzc45SuZY38FcHd1PIPqcSfkAupjsflcuDWzamNEsCNtwEQASAAYJWqs4LAB4IBHWNhLXZpZGVvLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEF4AIAqAMBmAQAqgSgAk_QrLZrbWpJkjHDvR0waejsxaK9_H0yG_58g3LnAlvax-lKhFGJM1N5e1HeGA-1ZMy6yQWoeftgRYQooQYoCn3MTHTSDrQO4h5vpkl_WQdkhhLgDDOih8O4GWIuDGKPNTaSjTI2ZHwKNLBx02RvFKVu78kxAP4klLgPakUWJ77JQSQziKaUHp9lpLUWR76SQNhtfdDsz5ks4nj7_q74_sLO7PKj9M_9dpTO4NpCgLda_zbR8eacZ2-V39V-nYtf_PY31BUOEsIqoEIJktAGyPqs5_WN99gRrinJvrqHrjVDGUy_h0GFvAgS3W6qZkRzLbms64_cylUU00t_cQEEApwVoE7NmSNlqR1-74OHK85ixPqnexHdEeNFo10u9-Z8vOAEAYAGj_2K-qPj1a9WoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIH05rqy8YMD-gsCCAGADAHiDRMIuLrnurLxgwMVwS5VCB0p4gey0BUBgBcB&sigh=0tSNIJZcia4&label=videoplaytime50&ad_mt=0&sdkv=h.3.613.0&vci=CosBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoLQWRTZW5zZS9BZFggBCoTNjIyMzc4ODk4MDI5MTQxOTc5MUDBBFIiEAQlAAAgQSgBOgd1bmtub3duQgd1bmtub3duSPcBUABgAloiZG91YmxlY2xpY2tieWdvb2dsZS5jb20tb21pZC12aWRlbxgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame B57D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=25b9d9e9-1d95-accb-ba98-1e1a95dac902&tv=%7Bc:2301HZ,pingTime:5,time:6130,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D,%7Bpiv:58,vs:pp,r:,t:1129%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1129,n:0,pp:5001,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1125~0,0~50%5D,as:%5B1125~300.250%5D%7D%7D,%7Bsl:pp,t:1129,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:58,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~50%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:132,fm:u26PcEG+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C193%7C194%7C1a.1874223-77019481%7C1a1%7C1a2%7C1a311%7C1b*.1350098-69352127%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e.1474271-76103297,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:18,sis:174%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:41 GMT
server
nginx
x-server-name
dt23.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 5422 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=dcc17185-d318-4fed-4bef-e2516e11c71d&tv=%7Bc:2301W0,pingTime:5,time:6499,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:12%7D,%7Bpiv:100,vs:i,r:,t:1499%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5000,o:1499,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1494~0,0~100%5D,as:%5B1494~970.90%5D%7D%7D,%7Bsl:i,t:1499,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~970.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:114,fm:u26PcEG+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C193%7C194%7C1a.1874223-77019481%7C1a1%7C1a2%7C1a31%7C1b.1350098-69352127%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d1%7C1d2%7C1e*.1474271-76103297%7C1e1,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:13,sis:282%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:42 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 5422 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=dcc17185-d318-4fed-4bef-e2516e11c71d&tv=%7Bc:2301W1,pingTime:5,time:6500,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:12%7D,%7Bpiv:100,vs:i,r:,t:1499%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:1499,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1494~0,0~100%5D,as:%5B1494~970.90%5D%7D%7D,%7Bsl:i,t:1499,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~970.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:114,fm:u26PcEG+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C193%7C194%7C1a.1874223-77019481%7C1a1%7C1a2%7C1a31%7C1b.1350098-69352127%7C1b1%7C1b2%7C1b3%7C1b4%7C1c%7C1d1%7C1d2%7C1e*.1474271-76103297%7C1e1,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:13,sis:282%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:42 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
info.nsmedia-advertising.com/ 		143 B
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://info.nsmedia-advertising.com/
Requested by
Host: scripts.nsn-server.xyz
URL: https://scripts.nsn-server.xyz/js/d2d1f42b6e8c57a17c3ec9ec1874f1fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a0b68371bf28651c37d47439b4696b4a93db6e2a1e66015bb371197bc4139e05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:43 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3FGPhYW2%2BNbDx9sNYy24laXKpgF%2Fg7Jfl6Do8rY6YZhJ1R%2BJ4l5fvRPCVyQ%2FTUIJlentDRygRU%2FsSBnZuP8mTZ38QyduNfxm9Nd%2BrCY3RNM%2BCKLysjYPrraZqnMytdRt4WWBtDz%2Bp3W434PkEGQG3CZ%2Fy15APJSJlRS"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
84991a5d5df418f5-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
DE
c.nsmedia-advertising.com/unibet-32red/ Frame 9CF9 		678 B
642 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c.nsmedia-advertising.com/unibet-32red/DE?l=59046d39-36f5-40b4-82f9-7c31f54eee01&token=512f9a0d-02bf-4d7f-b151-46f4e52f51af&country=DE&region=undefined&ref=&path=aHR0cHM6Ly9jb2x1bmFkb2ZsYS5jb20v&url=aHR0cHM6Ly9iMS50cmlja3lyb2NrLmNvbS9yZWRpcmVjdC5hc3B4P3BpZD03NDQ0NDAyMSZiaWQ9MzQ2NjQ=
Requested by
Host: scripts.nsn-server.xyz
URL: https://scripts.nsn-server.xyz/js/d2d1f42b6e8c57a17c3ec9ec1874f1fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
194df184f92e5a38d2d2216df38a41e2ed5c2ac7992a0479069a6a1127301e21

Request headers

Referer
https://colunadofla.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
apigw-requestid
R8w0zjUcjoEEM4A=
cf-cache-status
DYNAMIC
cf-ray
84991a5deecf18f5-FRA
content-encoding
br
content-type
text/html
date
Mon, 22 Jan 2024 16:16:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vl%2FMawhuDzBkpxfzbNJrOCUY4H0bxQY4ArGlO0QXVuyi3MUqRlw47dYvVwIrKEl5Ymzbr0rxtOBEQumNzUWWIqtsLEiprPuK74Yc%2BRO%2Fhx2yPjkDt1%2F3Ng0R67EE5wqjgep0O4DEZx499gaDvTSLzFG1K0BUMSq3"}],"group":"cf-nel","max_age":604800}
server
cloudflare
11822513
api.attentionxyz.com/api/event/ Frame 4C61 		2 B
17 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.attentionxyz.com/api/event/11822513
Requested by
Host: attentionxyz.com
URL: https://attentionxyz.com/160-3c6e1570/amt.js?tagLabel=Dept_Agency_cm360&attrAdvertiser=11822513&attrCampaign=31208750&attrSite=7847497&attrPlacement=385568821&attrCreative=208026589&attrAd=576600420&attr1=%edclid!&attr2=j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.222.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.222.117.34.bc.googleusercontent.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accepts
application/json
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Amt-Event
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJhbXQtcHJvZCJ9.8dotrQPk6rXdTZUfYiTmmCx3BKBZ0ngS9huOY_9Rk9s
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 Jan 2024 16:16:43 GMT
via
1.1 google
vary
Origin
content-type
text/html
access-control-allow-origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
11822513
api.attentionxyz.com/api/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.attentionxyz.com/api/event/11822513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.222.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.222.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
accepts,amt-event,content-type
Access-Control-Request-Method
POST
Origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accepts,amt-event,content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 22 Jan 2024 16:16:43 GMT
vary
Origin, Access-Control-Request-Headers
via
1.1 google
btag=81765197_35BBC6679B4D40E3A84416FDB0255F3D
b1.trickyrock.com/ Frame 3079
Redirect Chain
  • https://b1.trickyrock.com/redirect.aspx?pid=74444021&bid=34664
  • https://b1.trickyrock.com/btag=81765197_35BBC6679B4D40E3A84416FDB0255F3D
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b1.trickyrock.com/btag=81765197_35BBC6679B4D40E3A84416FDB0255F3D
Requested by
Host: c.nsmedia-advertising.com
URL: https://c.nsmedia-advertising.com/unibet-32red/DE?l=59046d39-36f5-40b4-82f9-7c31f54eee01&token=512f9a0d-02bf-4d7f-b151-46f4e52f51af&country=DE&region=undefined&ref=&path=aHR0cHM6Ly9jb2x1bmFkb2ZsYS5jb20v&url=aHR0cHM6Ly9iMS50cmlja3lyb2NrLmNvbS9yZWRpcmVjdC5hc3B4P3BpZD03NDQ0NDAyMSZiaWQ9MzQ2NjQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Referer
https://c.nsmedia-advertising.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-length
1245
content-type
text/html
date
Mon, 22 Jan 2024 16:16:43 GMT
pragma
no-cache
x-azure-ref
20240122T161643Z-1sc72q2b592shf695vg6dbkbts000000034g000000003rt9
x-cache
CONFIG_NOCACHE

Redirect headers

access-control-expose-headers
Request-Context
cache-control
private,no-cache, no-store
content-length
0
content-type
text/html
date
Mon, 22 Jan 2024 16:16:43 GMT
location
btag=81765197_35BBC6679B4D40E3A84416FDB0255F3D
p3p
CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
pragma
no-cache
request-context
appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
x-aspnet-version
4.0.30319
x-azure-ref
20240122T161643Z-1sc72q2b592shf695vg6dbkbts000000034g000000003rt0
x-cache
CONFIG_NOCACHE
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2A88 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CiSzc45SuZY38FcHd1PIPqcSfkAupjsflcuDWzamNEsCNtwEQASAAYJWqs4LAB4IBHWNhLXZpZGVvLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEF4AIAqAMBmAQAqgSgAk_QrLZrbWpJkjHDvR0waejsxaK9_H0yG_58g3LnAlvax-lKhFGJM1N5e1HeGA-1ZMy6yQWoeftgRYQooQYoCn3MTHTSDrQO4h5vpkl_WQdkhhLgDDOih8O4GWIuDGKPNTaSjTI2ZHwKNLBx02RvFKVu78kxAP4klLgPakUWJ77JQSQziKaUHp9lpLUWR76SQNhtfdDsz5ks4nj7_q74_sLO7PKj9M_9dpTO4NpCgLda_zbR8eacZ2-V39V-nYtf_PY31BUOEsIqoEIJktAGyPqs5_WN99gRrinJvrqHrjVDGUy_h0GFvAgS3W6qZkRzLbms64_cylUU00t_cQEEApwVoE7NmSNlqR1-74OHK85ixPqnexHdEeNFo10u9-Z8vOAEAYAGj_2K-qPj1a9WoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIH05rqy8YMD-gsCCAGADAHiDRMIuLrnurLxgwMVwS5VCB0p4gey0BUBgBcB&sigh=0tSNIJZcia4&label=videoplaytime75&ad_mt=0&sdkv=h.3.613.0&vci=CosBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoLQWRTZW5zZS9BZFggBCoTNjIyMzc4ODk4MDI5MTQxOTc5MUDBBFIiEAQlAAAgQSgBOgd1bmtub3duQgd1bmtub3duSPcBUABgAloiZG91YmxlY2xpY2tieWdvb2dsZS5jb20tb21pZC12aWRlbxgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMInZfqubLxgwMVtti7CB0qbwlWEAEYACDd95hj;dc_eps=AHas8cB4DN_IRHm3mAXdHuSCePUBrdCdr5IQbra_8BD2f02l5hP1wxf0vqEsMMGEMgaiCdgflqpTWE8;met=1;&timestamp=1705940204164;eid1=871060;ecn1=1;etm1=0;eid2=2...
ade.googlesyndication.com/ddm/activity/ Frame 4C61 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMInZfqubLxgwMVtti7CB0qbwlWEAEYACDd95hj;dc_eps=AHas8cB4DN_IRHm3mAXdHuSCePUBrdCdr5IQbra_8BD2f02l5hP1wxf0vqEsMMGEMgaiCdgflqpTWE8;met=1;&timestamp=1705940204164;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI5dCcurLxgwMVDsm7CB0Cyg6YEAEYACDDm9Rh;dc_eps=AHas8cBugMFlgLe5XM9HFc0OtPu9y6yRRXE3IS7CXQkyGK-yAt3Nyh9J24Sopk2y0fLIxJk2TCBnPiY;met=1;&timestamp=1705940204879;eid1=871060;ecn1=1;etm1=0;eid2=2...
ade.googlesyndication.com/ddm/activity/ Frame DA11 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5dCcurLxgwMVDsm7CB0Cyg6YEAEYACDDm9Rh;dc_eps=AHas8cBugMFlgLe5XM9HFc0OtPu9y6yRRXE3IS7CXQkyGK-yAt3Nyh9J24Sopk2y0fLIxJk2TCBnPiY;met=1;&timestamp=1705940204879;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI7cunurLxgwMVyfQRCB2WNwb4EAAYACDo3M1iQhMIkciCurLxgwMVj9C7CB1h3gPL;dc_eps=AHas8cCR62VfqWEQ6XnYNSNkLUFHm0wmPYCIPK-aSRfk2Jxcfy2mfzdY4xPSSukyFTEZzGTLkqJOzqA;met=1;&timestamp=1705940204945;eid1...
ade.googlesyndication.com/ddm/activity/ Frame E7D8 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7cunurLxgwMVyfQRCB2WNwb4EAAYACDo3M1iQhMIkciCurLxgwMVj9C7CB1h3gPL;dc_eps=AHas8cCR62VfqWEQ6XnYNSNkLUFHm0wmPYCIPK-aSRfk2Jxcfy2mfzdY4xPSSukyFTEZzGTLkqJOzqA;met=1;&timestamp=1705940204945;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
DE
c.nsmedia-advertising.com/entain-bwin-de/ Frame B995 		662 B
617 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c.nsmedia-advertising.com/entain-bwin-de/DE?l=239cff6f-3b7d-4c69-a210-880bf0602ea4&token=512f9a0d-02bf-4d7f-b151-46f4e52f51af&country=DE&region=undefined&ref=&path=aHR0cHM6Ly9jb2x1bmFkb2ZsYS5jb20v&url=aHR0cHM6Ly93d3cuYndpbi5kZS9lbi9tb2JpbGVwb3J0YWwvY29udGFjdD93bT01MzIyOTM3
Requested by
Host: scripts.nsn-server.xyz
URL: https://scripts.nsn-server.xyz/js/d2d1f42b6e8c57a17c3ec9ec1874f1fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
17d206c671ea31ec9cbdb36da6f132b1d9bff0db72a2eef191384baa525f04f1

Request headers

Referer
https://colunadofla.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
apigw-requestid
R8w1GiepDoEEMrw=
cf-cache-status
DYNAMIC
cf-ray
84991a6a580818f5-FRA
content-encoding
br
content-type
text/html
date
Mon, 22 Jan 2024 16:16:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBgTYTT8SSpYC9EYoQRvb2%2B7Rn8RgJqGhPhPA4gaTje6g%2BQfb1Ygqhjy7Mt6QXnOqIv6VHkbEDpEsFikHeg3qSxdzunIEOMGZtZsGxr%2FGJTxNfgi0k%2FH7y5M3ZlruS5DWlZYIz7SSCRU4QGDRdB1B43mJMDFxnxz"}],"group":"cf-nel","max_age":604800}
server
cloudflare
contact
www.bwin.de/en/mobileportal/ Frame 58E3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bwin.de/en/mobileportal/contact?wm=5322937
Requested by
Host: c.nsmedia-advertising.com
URL: https://c.nsmedia-advertising.com/entain-bwin-de/DE?l=239cff6f-3b7d-4c69-a210-880bf0602ea4&token=512f9a0d-02bf-4d7f-b151-46f4e52f51af&country=DE&region=undefined&ref=&path=aHR0cHM6Ly9jb2x1bmFkb2ZsYS5jb20v&url=aHR0cHM6Ly93d3cuYndpbi5kZS9lbi9tb2JpbGVwb3J0YWwvY29udGFjdD93bT01MzIyOTM3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.137 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src *
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.nsmedia-advertising.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache
cf-cache-status
DYNAMIC
cf-ray
84991a6b4fd13aa2-FRA
content-encoding
br
content-security-policy
frame-src *
content-type
text/html; charset=utf-8
date
Mon, 22 Jan 2024 16:16:45 GMT
expires
Mon, 22 Jan 2024 16:16:45 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
server-timing
vanilla;dur=148.3656
strict-transport-security
max-age=2592000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
dc_oe=ChMI0dvQurLxgwMVGuURCB1TIgeDEAAYACDI0uhaQhMI0422urLxgwMVLs-7CB39LgYk;dc_eps=AHas8cCMqVp1sgW0GXUIXQWqFHecYtdKW_Ol8MHelYVbKRuJgrs6WSPYf-rVbeKjUMxAI0NI9eYJn9g;met=1;&timestamp=1705940205338;eid1...
ade.googlesyndication.com/ddm/activity/ Frame B57D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI0dvQurLxgwMVGuURCB1TIgeDEAAYACDI0uhaQhMI0422urLxgwMVLs-7CB39LgYk;dc_eps=AHas8cCMqVp1sgW0GXUIXQWqFHecYtdKW_Ol8MHelYVbKRuJgrs6WSPYf-rVbeKjUMxAI0NI9eYJn9g;met=1;&timestamp=1705940205338;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIuLSEu7LxgwMVV0P2CB3HIQOQEAAYACCAwaJbQhMIy-rGurLxgwMV9u27CB3i8AvV;dc_eps=AHas8cDCej3NtA_3XX-CFSSmXUNRtStoNntxvqRC0epgkklAFf81vO-nQRg3KXn4EfgetBXuA9za5nA;met=1;&timestamp=1705940206070;eid1...
ade.googlesyndication.com/ddm/activity/ Frame 5422 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIuLSEu7LxgwMVV0P2CB3HIQOQEAAYACCAwaJbQhMIy-rGurLxgwMV9u27CB3i8AvV;dc_eps=AHas8cDCej3NtA_3XX-CFSSmXUNRtStoNntxvqRC0epgkklAFf81vO-nQRg3KXn4EfgetBXuA9za5nA;met=1;&timestamp=1705940206070;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
b1t-eudc1.zemanta.com/t/video/complete/S5X5ZPWQJEWLXQXWO376MD7XHY53UNQVDRN2VBMELMPYZH3BILSR4A73GIYTASXNW5FZWL2LP4U7LASSKOVBI3K27XA4GW7XBMYZPY4MF27OQKHD3NWT6MMHHVMLQJLPN2HNCHB75ODDQBAIX56NNXVTS3W6PX... Frame 2A88 		0
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2A88 		0
0
csi
csi.gstatic.com/ Frame 2A88 		0
0
colunadofla_11431.js
ads.vidoomy.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/colunadofla_11431.js
Requested by
Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/colunadofla.js?cachebust=1705940192201
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.133.85.98 -, , ASN (),
Reverse DNS
Software
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
05563cef2249b05003b3b5a327b4cdbd03f6c51b026995bd857712371413b602

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:46 GMT
Server
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
2584
ads
securepubads.g.doubleclick.net/gampad/ 		158 KB
44 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=294181521280792&correlator=331221524920723&eid=31080584%2C31080521%2C31079724&output=ldjh&gdfp_req=1&vrg=202401170101&ptt=17&impl=fifs&iu_parts=21715141650%3A22515816402%2Ccolunadofla.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=11&didk=2335549179&sfv=1-0-40&sc=1&cookie=ID%3D4c3a249bd5b78a8a%3AT%3D1705940193%3ART%3D1705940193%3AS%3DALNI_MYDAVEIsb3uESj_zEVJgOheuM-d2g&gpic=UID%3D00000d4791202854%3AT%3D1705940193%3ART%3D1705940193%3AS%3DALNI_MZ3b9m_LhKYiupcKmCnZBuxYAsElQ&abxe=1&dt=1705940206160&lmt=1705940206&adxs=307&adys=6054&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcolunadofla.com%2F&vis=1&psz=1600x-1&msz=1600x-1&fws=4&ohw=1600&ga_vid=1599854402.1705940192&ga_sid=1705940193&ga_hid=759708928&ga_fc=true&dlt=1705940191519&idt=916&prev_scp=site%3Dcolunadofla%26place%3Dslider-video&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=2545855778&frm=20&eo_id_str=ID%3D8023e89718981db4%3AT%3D1705940193%3ART%3D1705940193%3AS%3DAA-AfjYfxisHrswccW7TFhfLDh8l
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56a5537922108a136b902e889d8f654cd4ecbd20af988e6e7719c5d00a5ab021
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:46 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44862
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
vidoomy-player.js
vpaid.vidoomy.com/player/latest/ 		332 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Requested by
Host: ads.vidoomy.com
URL: https://ads.vidoomy.com/colunadofla_11431.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 -, , ASN (),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8ea45c13252367fc259c1471f58c262fe44818caa0dc456e55bcad63efc357e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 22 Jan 2024 16:16:46 GMT
content-encoding
gzip
x-age-lb
872563
x-amz-request-id
tx00000e68a15d44d1989e3-0065a1447b-2bc58ec-prg
x-77-cache
HIT
x-amz-storage-class
STANDARD
x-accel-date
1705067643
x-77-nzt
A5ySIYs3Nzf/c1ANACUTwjE3Nzf/AAAAAFm7vKnNuIcA
x-accel-expires
@1706104443
x-77-age
872563
x-cache-lb
HIT
last-modified
Fri, 12 Jan 2024 13:54:01 GMT
server
CDN77-Turbo
x-amz-meta-s3cmd-attrs
atime:1705067639/ctime:1705067639/gid:114/gname:jenkins/md5:82df382054c7e3ca9f321e2b166db612/mode:33188/mtime:1705067639/uid:108/uname:jenkins
etag
W/"82df382054c7e3ca9f321e2b166db612"
x-77-nzt-ray
cf878727080a9934ee94ae653bc45a22
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
x-rgw-object-type
Normal
access-control-allow-credentials
true
timing-allow-origin
*
sync
x.bidswitch.net/ 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=vidoomy&user_id=459806380.058083831968687559.7694733
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 16:16:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync.php
pixel.rubiconproject.com/exchange/ 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
1f4afaf10c6b5898421df1cdca3fc7f5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
container.html
48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 91BB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://colunadofla.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
13
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:16:33 GMT
expires
Tue, 21 Jan 2025 16:16:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4b0ef9dfa83525e0607f42119c034d23.js
www.gstatic.com/mysidia/ Frame 2D59 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 17:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
428517
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4079
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 22:51:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 16 Apr 2024 17:14:49 GMT
9e7d3f247d8b0aa5115615da07ecb571.js
www.gstatic.com/mysidia/ Frame 2D59 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9e7d3f247d8b0aa5115615da07ecb571.js?tag=html5_display_upload/html5_exit_api
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44f6db744eeb76ff8647b8791179a3f7d92e9a8a4a0e339d907b0c4b2869224c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:10:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16673
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 04:29:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 16 Apr 2024 18:10:34 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 2D59 		2 KB
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:29:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
78449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:29:17 GMT
e9e356ec41155b008235c83648cb19be.js
www.gstatic.com/mysidia/ Frame 2D59 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e9e356ec41155b008235c83648cb19be.js?tag=exit_2019
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d233ae3f0c2b48dc6f71e32ad7e23ba5e1d64b59af7e8d5592375d14887f3e97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:10:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9775
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 00:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 16 Apr 2024 18:10:34 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 2D59 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 09:41:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
23692
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 09:41:54 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 2D59 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 09:41:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
23721
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 09:41:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 2D59 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:29:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
78449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:29:17 GMT
l
www.google.com/ads/measurement/ Frame 2D59 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTiXH2JtP7XqblkllVKMl090wi7wwKBiFYnGU2c1lxMkOz-7Xi6PrQySDzlvXttsVSFeNYGlv6G8E925TX-xOF6SILxww
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2D59 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 16:16:46 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 2D59 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: colunadofla.com
URL: https://colunadofla.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 17:10:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
428763
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 00:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 16 Apr 2024 17:10:43 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/ Frame 7C52 		88 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/index.html
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/9e7d3f247d8b0aa5115615da07ecb571.js?tag=html5_display_upload/html5_exit_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b059c3e4037c4cc0176dfa1ef99f324dceb6d45a11fc2059e44f7a6049b092b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
281762
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
18863
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jan 2024 10:00:44 GMT
expires
Sat, 18 Jan 2025 10:00:44 GMT
last-modified
Wed, 27 Jul 2022 15:37:40 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8D46 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
83162
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 17:10:44 GMT
etag
48472445140208031
expires
Mon, 22 Jan 2024 17:10:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2D59 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b9b05f6766e37df8d46ec386fdd949e27c6ed1d762fec3fa670b558fc484743

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7C52 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 20:29:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
71226
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5660
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 22 Jan 2024 20:29:40 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7C52 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 19:07:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
76167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 22 Jan 2024 19:07:19 GMT
dpixel
cms.quantserve.com/ Frame 8D46 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEO-Fkj_nYo9sJxUHHD7TdSI&google_cver=1&google_push=AXcoOmRrsJen_HX3WiRKK5qfYtPwLRsRXg1HYZkU1mxjnpwKpvsueX8xaoMDeIXNJAzYh97W608kCwvo091ebFi1yAkZFYGhTHB-Ehw
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:46 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 8D46 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPJHeICpqssKkqCm9F61bqs&google_cver=1&google_push=AXcoOmTy5kMdNEKibKa9UHMRHW6v443V5zGsch36LU-9V4-0um9EYDXHAMQli7zle-DPQW1qWEwM4tpBMTdsNgr65wUoj68dnY62vA
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:46 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 8D46
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELSWbRvwaruo9rah2OlfStg&google_cver=1&google_push=AXcoOmRTbhG4GbBB0zMYVW0p-tKVoZduyvlFJCwRUvlvPjnQZAokHHVf0oQUeN-_Hnzfutic7b0Ipoef...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELSWbRvwaruo9rah2OlfStg&google_cver=1&google_push=AXcoOmRTbhG4GbBB0zMYVW0p-tKVoZduyvlFJCwRUvlvPjnQZAokHHVf0oQUeN-_Hnzfutic7b0...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY3MTk5MjU2NjQ2ODg5NzE3&google_push=AXcoOmRTbhG4GbBB0zMYVW0p-tKVoZduyvlFJCwRUvlvPjnQZAokHHVf0oQUeN-_Hnzfutic7b0Ipoef...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY3MTk5MjU2NjQ2ODg5NzE3&google_push=AXcoOmRTbhG4GbBB0zMYVW0p-tKVoZduyvlFJCwRUvlvPjnQZAokHHVf0oQUeN-_Hnzfutic7b0IpoefG5apAbYXUnHpYDoxWNhWOPA
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY3MTk5MjU2NjQ2ODg5NzE3&google_push=AXcoOmRTbhG4GbBB0zMYVW0p-tKVoZduyvlFJCwRUvlvPjnQZAokHHVf0oQUeN-_Hnzfutic7b0IpoefG5apAbYXUnHpYDoxWNhWOPA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 8D46
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESELnhxrpRzFhM__XprZkoV18&google_cver=1&google_push=AXcoOmSo1Lbn5L98lU93WJtM0VQWIIq2MpCIqoCRFJA5b7HJAq0USk62q13g4WzI4CWSC2_3T0S7ZUwc0Zm9m...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESELnhxrpRzFhM__XprZkoV18&google_push=AXcoOmSo1Lbn5L98lU93WJtM0VQWIIq2MpCIqoCRFJA5b7HJAq0USk62q13g4WzI4CWSC2_3T0S7ZUwc0Zm9m...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSo1Lbn5L98lU93WJtM0VQWIIq2MpCIqoCRFJA5b7HJAq0USk62q13g4WzI4CWSC2_3T0S7ZUwc0Zm9m3V1a_Wb7wuZ3bfrAIc&google_hm=cmttWmtpY2RLa2g4e...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSo1Lbn5L98lU93WJtM0VQWIIq2MpCIqoCRFJA5b7HJAq0USk62q13g4WzI4CWSC2_3T0S7ZUwc0Zm9m3V1a_Wb7wuZ3bfrAIc&google_hm=cmttWmtpY2RLa2g4eGxaZGJmTEk=
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:47 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSo1Lbn5L98lU93WJtM0VQWIIq2MpCIqoCRFJA5b7HJAq0USk62q13g4WzI4CWSC2_3T0S7ZUwc0Zm9m3V1a_Wb7wuZ3bfrAIc&google_hm=cmttWmtpY2RLa2g4eGxaZGJmTEk=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
239
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8D46
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEO6bSV2MtZzStihMViXr8IA&google_cver=1&google_push=AXcoOmRvSoWpZ7wXp8h6PIyAOrfTfe47iV_xxiIkaWz1ORbSuPepFoDMEscNo_Gni3IlybU7jE4O6gPJAgyJlOP...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=E7_xoKAeWlp-KcPAGLya59ly14M&google_push=AXcoOmRvSoWpZ7wXp8h6PIyAOrfTfe47iV_xxiIkaWz1ORbSuPepFoDMEscNo_Gni3IlybU7jE4O6gPJAgyJlO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=E7_xoKAeWlp-KcPAGLya59ly14M&google_push=AXcoOmRvSoWpZ7wXp8h6PIyAOrfTfe47iV_xxiIkaWz1ORbSuPepFoDMEscNo_Gni3IlybU7jE4O6gPJAgyJlOP0sFyV0l6_361g3_0
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=E7_xoKAeWlp-KcPAGLya59ly14M&google_push=AXcoOmRvSoWpZ7wXp8h6PIyAOrfTfe47iV_xxiIkaWz1ORbSuPepFoDMEscNo_Gni3IlybU7jE4O6gPJAgyJlOP0sFyV0l6_361g3_0
Date
Mon, 22 Jan 2024 16:16:47 GMT
Connection
keep-alive
Content-Length
245
Content-Type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 8D46 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JkfkIcCI5kqijdCjHmYLkaIa2LP8IqOdOfu7C1Z6uyhkSEJJjqTq1NsMg
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:46 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
www.googleadservices.com/pagead/ar-adview/ Frame 2D59
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CMFx_7pSuZeeYDceH7_UPl7yLwAqY09S3dYr26ui5EWQQASDmsPlnYJWSmoKsB6ABlvm10QPIAQmpAhbsStpbRrI-4AIAqAMByANIqgSpAk_QeMMLXzGrWSGsSoeuajYtvPA1HUtfSsdy...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223039794733200396493%22,%22debug_reporting%22:true,%22destination%22:%22https://suzuki.de%22,%22event_report_window%22:%222...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223039794733200396493%22,%22debug_reporting%22:true,%22destination%22:%22https://suzuki.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22976059542%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212152161893216858385%22}&andc=true
Protocol
H3
Server
142.250.186.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:47 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"3039794733200396493","debug_reporting":true,"destination":"https://suzuki.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["976059542"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"12152161893216858385"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 Jan 2024 16:16:47 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 Jan 2024 16:16:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3039794733200396493","debug_reporting":true,"destination":"https://suzuki.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["976059542"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"12152161893216858385"}&andc=true
access-control-allow-origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CMFx_7pSuZeeYDceH7_UPl7yLwAqY09S3dYr26ui5EWQQASDmsPlnYJWSmoKsB6ABlvm10QPIAQmpAhbsStpbRrI-4AIAqAMByANIqgSpAk_QeMMLXzGrWSGsSoeuajYtvPA1HUtfSsdy7qOiyddXdeEME2bK-0poC4ubCisp2DT6zqNfe8MxysLONIWIsGO9gPSXrujJjQnrXh9A4bSn9mCKT7peg8cinLv6mVfSIcZzvo4KQwGzmv_4pHt09jUPag1DzdFn8HkfwlytCqOBGJE0ZcgIVITk_GEhocSTnhuNwE35sKcC26qcGDwUmQ9jgSVY5oNrl1zxQCgFmut_BQeL4q8qPdILGwrILzdjORJKOzn5ijIaOAkyWg-rji4UREtYgBBT6JYwTjAKiROP360gpmfH6bxU7RyAm2nMXMoc47sazoiUKOmh_rfuWaTGPOi_a7PSIVKzcaUEJFHBegqnpV1nH4KDvyFFsHXNfszfOprYjnOfgcAE0s_j75AE4AQBiAW1hoHVSZIFBAgEGAGSBQQIBRgEoAYugAfShsouqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQpYcE0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljdi_6_svGDA5oJRWh0dHBzOi8vYXV0by5zdXp1a2kuZGUvbW9kZWxsZS9zd2lmdC9zdXp1a2ktc3dpZnQtNS10dWVyZXIvcHJvYmVmYWhydIAKAcgLAaIMCCoGCgSsurEC4g0TCIS8_r-y8YMDFcfDuwgdF94CqNgTDogUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi02MjAxODM2OTY5NDI0OTg2GJHzbA&sigh=ZnNfQahABrM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf__Tls8HSZPRszytXhFeWQ_4801MdBVWAYlUk2aUwTGWoioCnuJnXaVjvuZ0Kn0DGG-NoYJAE-GAE&template_id=419&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 22 Jan 2024 16:16:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
pagead2.googlesyndication.com/bg/ Frame D99D 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Requested by
Host: 48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
URL: https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:17:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
482383
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19704
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 02:17:03 GMT
i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
pagead2.googlesyndication.com/bg/ Frame 7C52 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:17:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
482383
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19704
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 02:17:03 GMT
logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/ Frame 7C52 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eece101072f56e4f8310173b57df0fe30a4a022ebdd7ed2842a5440ddd041d61
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 23:03:14 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 19 Jan 2024 23:03:14 GMT
x-content-type-options
nosniff
age
234812
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1058
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 15:37:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
headline_end.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/ Frame 7C52 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/headline_end.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fdc8e3711ec8a92eab0c0b0c6cab132a32952f82120505f5232ccbbaf58f6a4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 23:03:14 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 19 Jan 2024 23:03:14 GMT
x-content-type-options
nosniff
age
234812
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2167
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 15:37:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/ Frame 7C52 		876 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/cta.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
089e272d2ab92086fb22f6645e11108f328fc655f35f29cab15da20e37c0e968
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 10:00:44 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 19 Jan 2024 10:00:44 GMT
x-content-type-options
nosniff
age
281762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
876
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 15:37:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
people_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/ Frame 7C52 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/people_2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e2f86ad6ec72057d9f2637a493fd57baf8119fc0eaab5cba162f69a1e6fe966
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 10:00:44 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 19 Jan 2024 10:00:44 GMT
x-content-type-options
nosniff
age
281762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13543
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 15:37:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
people_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/ Frame 7C52 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/people_1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28c3c870b108de44515202b00add27b8b61bd8c0daea633f5948ef748dbd2c15
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 10:39:58 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 22 Jan 2024 10:39:58 GMT
x-content-type-options
nosniff
age
20208
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13567
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 15:37:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
subline_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/ Frame 7C52 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/subline_2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6331962d9a394637b13f868a1a8444fbf6493822f7f22ecaf50b4d873cebd000
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 23:03:14 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 19 Jan 2024 23:03:14 GMT
x-content-type-options
nosniff
age
234812
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1527
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 15:37:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
subline_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/ Frame 7C52 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/subline_1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
891434a53c2259333f992e7e3407dec9b5ec0749d2a8b1de71df30372f158fbe
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 10:00:44 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 19 Jan 2024 10:00:44 GMT
x-content-type-options
nosniff
age
281762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1600
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 15:37:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
copy.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/ Frame 7C52 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/copy.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2b8eb4b25026dc28297e5e4bee3e730ef23b32543bf1ab99065a01864d141de
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 10:00:44 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 19 Jan 2024 10:00:44 GMT
x-content-type-options
nosniff
age
281762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1403
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 15:37:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
headline.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/ Frame 7C52 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/headline.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0875475a32cdebb10f70bee3abe4f59d6a68e78306e8f2c5d52e690d2707267d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 10:00:44 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 19 Jan 2024 10:00:44 GMT
x-content-type-options
nosniff
age
281762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3004
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 15:37:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
car_model.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/ Frame 7C52 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/car_model.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dca2dc88a2515ffb2f30233d21ed04de2c4356b198c1a52d02dbaf333f152c27
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 23:03:14 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 19 Jan 2024 23:03:14 GMT
x-content-type-options
nosniff
age
234812
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1339
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 15:37:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
rectangle.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/ Frame 7C52 		77 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/rectangle.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb916d5dc89b0b14ce223fc59fb3cd122bc3cd97405689e3805acbdb12f3ef7c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 10:00:44 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 19 Jan 2024 10:00:44 GMT
x-content-type-options
nosniff
age
281762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 15:37:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
background.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/ Frame 7C52 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/background.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e880270c612e1660acce59b0cc54b0b3a9cdc5ac2772002a38fd13025ec30785
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3267810564073031531/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 10:00:44 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 19 Jan 2024 10:00:44 GMT
x-content-type-options
nosniff
age
281762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16518
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 15:37:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223039794733200396493%22,%22debug_reporting%22:true,%22destination%22:%22https://suzuki.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22976059542%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212152161893216858385%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 22 Jan 2024 16:16:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
DE
c.nsmedia-advertising.com/stakecom/ Frame E12F 		616 B
746 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c.nsmedia-advertising.com/stakecom/DE?l=91415f86-0c2d-45ad-98fb-f81df7f55862&token=512f9a0d-02bf-4d7f-b151-46f4e52f51af&country=DE&region=undefined&ref=&path=aHR0cHM6Ly9jb2x1bmFkb2ZsYS5jb20v&url=aHR0cHM6Ly9zdGFrZS5jb20vP2M9NmRhY2FjMzdmYw==
Requested by
Host: scripts.nsn-server.xyz
URL: https://scripts.nsn-server.xyz/js/d2d1f42b6e8c57a17c3ec9ec1874f1fb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7156463940940f05c469ec58036a8b1ce3e2056ddae69f97f78aebee81a797de

Request headers

Referer
https://colunadofla.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
apigw-requestid
R8w1dj2-joEEPQQ=
cf-cache-status
DYNAMIC
cf-ray
84991a772e348236-IAD
content-encoding
br
content-type
text/html
date
Mon, 22 Jan 2024 16:16:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72Ho%2BDiJnEU1NnZ6WPA098lSZ5Ll%2Btemwo78DmNqnfoIRQZZySMJSScoMNh3epoZOnwaA%2BcMaWQpeelo5zWk%2BdU40tdoeRklHCwVuNYIyg6%2F32LUWjF2deMLh5bVsHvvaFSSXkPos5w5oH0Fki8Wa4Yt8ghX5cgF"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
stake.com/ Frame 78DD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://stake.com/?c=6dacac37fc
Requested by
Host: c.nsmedia-advertising.com
URL: https://c.nsmedia-advertising.com/stakecom/DE?l=91415f86-0c2d-45ad-98fb-f81df7f55862&token=512f9a0d-02bf-4d7f-b151-46f4e52f51af&country=DE&region=undefined&ref=&path=aHR0cHM6Ly9jb2x1bmFkb2ZsYS5jb20v&url=aHR0cHM6Ly9zdGFrZS5jb20vP2M9NmRhY2FjMzdmYw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.27 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.nsmedia-advertising.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
84991a79ed874516-TXL
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Mon, 22 Jan 2024 16:16:47 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=63072000; preload
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
get
ad.vidoomy.com/api/adserver/ad/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad.vidoomy.com/api/adserver/ad/get?data=ZG9tYWluPWNvbHVuYWRvZmxhLmNvbSZmb3JtYXQ9MSZ1PTVlMjk1MDczLWI2OGMtNDFkYy04YTdmLThlOTY2ZjQ3MzBlZiZ6b25lSWQ9MTIzMDkmbG9vcD0wJmNhbGxUeXBlPXJvdW5kJnB2ZXJzaW9uPTMuNi4xJnNpdGVVcmw9aHR0cHMlM0ElMkYlMkZjb2x1bmFkb2ZsYS5jb20lMkYma2V5d29yZHM9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.215 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-transfer-encoding,vidoomy-brandlift
Access-Control-Request-Method
GET
Origin
https://colunadofla.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-transfer-encoding,vidoomy-brandlift
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin
https://colunadofla.com
Access-Control-Expose-Headers
X-VD-C
Connection
keep-alive
Content-Length
0
Date
Mon, 22 Jan 2024 16:16:48 GMT
Server
nginx
get
ad.vidoomy.com/api/adserver/ad/ 		7 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidoomy.com/api/adserver/ad/get?data=ZG9tYWluPWNvbHVuYWRvZmxhLmNvbSZmb3JtYXQ9MSZ1PTVlMjk1MDczLWI2OGMtNDFkYy04YTdmLThlOTY2ZjQ3MzBlZiZ6b25lSWQ9MTIzMDkmbG9vcD0wJmNhbGxUeXBlPXJvdW5kJnB2ZXJzaW9uPTMuNi4xJnNpdGVVcmw9aHR0cHMlM0ElMkYlMkZjb2x1bmFkb2ZsYS5jb20lMkYma2V5d29yZHM9
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.215 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
d9d9e42433a607aeb8a6aeabd9d1194c81c1d1ee641fdb72653e8ec42a16f577

Request headers

Referer
https://colunadofla.com/
Content-Transfer-Encoding
base64
vidoomy-brandlift
W10=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 16:16:48 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://colunadofla.com
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Content-Transfer-Encoding
base64
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
7472
11822513
api.attentionxyz.com/api/event/ Frame 4C61 		2 B
17 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.attentionxyz.com/api/event/11822513
Requested by
Host: attentionxyz.com
URL: https://attentionxyz.com/160-3c6e1570/amt.js?tagLabel=Dept_Agency_cm360&attrAdvertiser=11822513&attrCampaign=31208750&attrSite=7847497&attrPlacement=385568821&attrCreative=208026589&attrAd=576600420&attr1=%edclid!&attr2=j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.222.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.222.117.34.bc.googleusercontent.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accepts
application/json
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Amt-Event
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJhbXQtcHJvZCJ9.8dotrQPk6rXdTZUfYiTmmCx3BKBZ0ngS9huOY_9Rk9s
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 Jan 2024 16:16:48 GMT
via
1.1 google
vary
Origin
content-type
text/html
access-control-allow-origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
11822513
api.attentionxyz.com/api/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.attentionxyz.com/api/event/11822513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.222.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.222.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
accepts,amt-event,content-type
Access-Control-Request-Method
POST
Origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accepts,amt-event,content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 22 Jan 2024 16:16:48 GMT
vary
Origin, Access-Control-Request-Headers
via
1.1 google
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:48 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://colunadofla.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1705940208751041-550
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		832 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
77cb1878bbed73b5a5ce48dcd4689d950dfbb69cd27b0596ae5648417bd261f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:48 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://colunadofla.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1705940208765030-551
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=33730156&_fw_us_privacy=&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=&playerSize=400x225&loc=https%3A%2F%2Fcolunadofla.com%2F
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:48 GMT
x-sticky-debug
Request blocked, limitation reached
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://colunadofla.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
ad
v.lkqd.net/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1189502&output=vastvpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=400&height=225&dnt=&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fcolunadofla.com%2F
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
c0b07404833da90a0b086ad69e7adc6d4d2b2d6298b57d2baa43dd9c94055f28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:49 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://colunadofla.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1306
rtb
a.vidoomy.com/api/rtbserver/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/rtb?id=161512&w=400&h=225&skip=1&req_type=1&ip=217.114.215.131&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&l=en-US&dt=2&c=DE&pid=52453&sid=12309&sname=colunadofla.com_12309&d=colunadofla.com&sp=https%3A%2F%2Fcolunadofla.com%2F&coppa=&gdpr=0&gdprcs=&vpaid=1
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.246 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 16:16:49 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://colunadofla.com
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=559614560&url=https%3A%2F%2Fcolunadofla.com%2F&cb=832558&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&gdpr=...
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=559614560&url=https%3A%2F%2Fcolunadofla.com%2F&cb=832558&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&...
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGE0Njc4ZTUtNmQwMS02NzZkLTRkZDQtOGEyOWE0OTczZTQ4
0
0
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473012&zone_id=2804598&size_id=275&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=250&p_aso.video.mimes=video/3gpp,video/mp4,video/webm,video/x-flv&p_aso.video.playbackmethod=2&rp_schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&gdpr=0&gdpr_consent=
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.75.149.24 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Mon, 22 Jan 2024 16:16:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
20539
33787225
ads.stickyadstv.com/vast/vpaid-adapter/ 		833 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/33787225?_fw_gdpr=0&_fw_us_privacy=&_fw_gdpr_consent=&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
35be1ebb43bed842807451baa451ce5ce858501724e712d008295d0044af80e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:48 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://colunadofla.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1705940208741092-523
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473012&zone_id=2804598&size_id=203&p_aso.video.protocols=2,5,3,6,7,8,11,12&p_aso.video.maxduration=250&p_aso.video.mimes=%22application/javascript%22,%22video/3gpp%22,%22video/mp4%22,%22video/webm%22,%22video/x-flv%22&p_aso.video.playbackmethod=2&p_aso.video.api=2,7,8,9&rp_schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&gdpr=0&gdpr_consent=
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.75.149.24 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d06c733ba42b81cd66c7fcaabc75b51c59292cdbccdcfb6a88bf2b57d262047b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Mon, 22 Jan 2024 16:16:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
30405
tag
4cywq-eqnre.ads.tremorhub.com/ad/
Redirect Chain
  • https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-vgm1t&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fcolunadofla.com%2F&gdpr=0&gdpr_consent=&cb=773538&schain=1.0%2C1!vidoomy.co...
  • https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-vgm1t&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fcolunadofla.com%2F&gdpr=0&gdpr_consent=&cb=773538&schain=1.0%2C1!vidoomy.co...
119 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-vgm1t&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fcolunadofla.com%2F&gdpr=0&gdpr_consent=&cb=773538&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&_tur=T
Protocol
H2
Server
2a05:d018:1914:d700:cc0:d4c3:f0a9:6185 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:49 GMT
content-encoding
gzip
server
nginx
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://colunadofla.com
content-type
text/xml;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD

Redirect headers

location
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-vgm1t&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fcolunadofla.com%2F&gdpr=0&gdpr_consent=&cb=773538&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&_tur=T
access-control-allow-origin
https://colunadofla.com
date
Mon, 22 Jan 2024 16:16:48 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
/
adx.adform.net/adx/ 		160 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fcolunadofla.com%2F&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&w=400&h=225
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.26 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
d6c3e0f4f8533e47221612354bde6bc71605720a6bcc5f2a10a53bf4665f1930
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:16:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://colunadofla.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1014 B
865 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=5285205&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fcolunadofla.com%2F&cb=176262&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b8ec1febceb168d619f0eac5f43af9904a412487d3ea68663733c98aa6e07638

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:48 GMT
content-encoding
gzip
server
Apache
etag
"23da-5f762218eccb9-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://colunadofla.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
629
expires
Mon, 22 Jan 2024 16:16:48 GMT
357265
vid.springserve.com/vast/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/357265?w=400&h=225&cb=494604&url=https%3A%2F%2Fcolunadofla.com%2F&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.210.46 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
9ead9370a81a011602258defc1010f1b2ff6e2ad18d9a6f6e968c70bb2d4b0a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
https://colunadofla.com
date
Mon, 22 Jan 2024 16:16:48 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/xml
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=416676&zone_id=2350390&size_id=201&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=30&p_aso.video.playbackmethod=2&p_aso.video.api=2&gdpr=0&gdpr_consent=&rp_schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&tg_c.language=en-US&width=400&height=225
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.75.149.24 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Mon, 22 Jan 2024 16:16:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
79729
715072
vid.springserve.com/vast/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/715072?w=400&h=225&cb=362143&url=https%3A%2F%2Fcolunadofla.com%2F&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.210.46 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
d47902916fe30415fa8729f980052b6051eb690f5dbd961ab4bf237336bdd5b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
https://colunadofla.com
date
Mon, 22 Jan 2024 16:16:48 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/xml
av
vidoomy-d.openx.net/v/1.0/
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=559614560&url=https%3A%2F%2Fcolunadofla.com%2F&cb=832558&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&gdpr=...
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=559614560&url=https%3A%2F%2Fcolunadofla.com%2F&cb=832558&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&...
48 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=559614560&url=https%3A%2F%2Fcolunadofla.com%2F&cb=832558&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/xml
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://colunadofla.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 22 Jan 2024 16:16:48 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=559614560&url=https%3A%2F%2Fcolunadofla.com%2F&cb=832558&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&gdpr=0&gdpr_consent=
access-control-allow-origin
https://colunadofla.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
DE
c.nsmedia-advertising.com/unibet-32red/ Frame 5686 		678 B
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c.nsmedia-advertising.com/unibet-32red/DE?l=aefbab6b-ab68-4aa8-a4e1-e71c61963eac&token=512f9a0d-02bf-4d7f-b151-46f4e52f51af&country=DE&region=undefined&ref=&path=aHR0cHM6Ly9jb2x1bmFkb2ZsYS5jb20v&url=aHR0cHM6Ly9iMS50cmlja3lyb2NrLmNvbS9yZWRpcmVjdC5hc3B4P3BpZD03NDQ0NDAyMSZiaWQ9MjE3NzU=
Requested by
Host: scripts.nsn-server.xyz
URL: https://scripts.nsn-server.xyz/js/d2d1f42b6e8c57a17c3ec9ec1874f1fb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2511835e10bf832171c1f0444d0d055248c0facecfd6215000f3eff87703b99e

Request headers

Referer
https://colunadofla.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
apigw-requestid
R8w1viUrjoEEQtw=
cf-cache-status
DYNAMIC
cf-ray
84991a83aa328236-IAD
content-encoding
br
content-type
text/html
date
Mon, 22 Jan 2024 16:16:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmF42%2BPaAlWfMWkjrYIVe9waOrlilEFwXDkty4Gub8YrI88dwIvceR2%2FU9dl6z8RvT9nCj2P2F7nrOGRpZDeZ0hxMUObAqr%2Bcr8GRZ3wfJlRftm5E6Nj7NDKwqXwu%2Bh3WYCaRS9vjKV05JsLh0s73dRn%2FlbjefVx"}],"group":"cf-nel","max_age":604800}
server
cloudflare
11822513
api.attentionxyz.com/api/event/ Frame 4C61 		2 B
17 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.attentionxyz.com/api/event/11822513
Requested by
Host: attentionxyz.com
URL: https://attentionxyz.com/160-3c6e1570/amt.js?tagLabel=Dept_Agency_cm360&attrAdvertiser=11822513&attrCampaign=31208750&attrSite=7847497&attrPlacement=385568821&attrCreative=208026589&attrAd=576600420&attr1=%edclid!&attr2=j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.222.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.222.117.34.bc.googleusercontent.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accepts
application/json
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Amt-Event
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJhbXQtcHJvZCJ9.8dotrQPk6rXdTZUfYiTmmCx3BKBZ0ngS9huOY_9Rk9s
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 Jan 2024 16:16:49 GMT
via
1.1 google
vary
Origin
content-type
text/html
access-control-allow-origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
11822513
api.attentionxyz.com/api/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.attentionxyz.com/api/event/11822513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.222.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.222.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
accepts,amt-event,content-type
Access-Control-Request-Method
POST
Origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accepts,amt-event,content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 22 Jan 2024 16:16:49 GMT
vary
Origin, Access-Control-Request-Headers
via
1.1 google
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 3CF3 		446 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14d8 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 16:16:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6f992"
X-Cache-Status
MISS
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=68798, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Expires
Tue, 23 Jan 2024 11:23:27 GMT
campaign.do
www.unibet.com/stan/ Frame D3DE
Redirect Chain
  • https://b1.trickyrock.com/redirect.aspx?pid=74444021&bid=21775
  • https://www.unibet.com/stan/campaign.do?cmpId=2582340&affiliateId=1&unibetTarget=/eng-int/sportsbook/multi-sports/index.html&targetDomain=https://welcome.unibet.com&btag=81765197_5AC82A9B681E4F25AB...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.unibet.com/stan/campaign.do?cmpId=2582340&affiliateId=1&unibetTarget=/eng-int/sportsbook/multi-sports/index.html&targetDomain=https://welcome.unibet.com&btag=81765197_5AC82A9B681E4F25AB212B63ECFDF86D&affiliateId=1&pid=74444021&bid=21775
Requested by
Host: c.nsmedia-advertising.com
URL: https://c.nsmedia-advertising.com/unibet-32red/DE?l=aefbab6b-ab68-4aa8-a4e1-e71c61963eac&token=512f9a0d-02bf-4d7f-b151-46f4e52f51af&country=DE&region=undefined&ref=&path=aHR0cHM6Ly9jb2x1bmFkb2ZsYS5jb20v&url=aHR0cHM6Ly9iMS50cmlja3lyb2NrLmNvbS9yZWRpcmVjdC5hc3B4P3BpZD03NDQ0NDAyMSZiaWQ9MjE3NzU=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.184.96.28 -, , ASN (),
Reverse DNS
Software
kindred-loadbalancer /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.nsmedia-advertising.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
content-type
text/html
date
Mon, 22 Jan 2024 16:16:49 GMT
etag
W/"65ae555c-1676c3"
last-modified
Mon, 22 Jan 2024 11:45:32 GMT
server
kindred-loadbalancer
strict-transport-security
max-age=63072000; preload
vary
Accept-Encoding
x-browser-class
A
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ooops-debug
/500-pages/www.unibet.com/index.html
x-os-class
M
x-xss-protection
1; mode=block

Redirect headers

access-control-expose-headers
Request-Context
cache-control
private,no-cache, no-store
content-length
0
content-type
text/html
date
Mon, 22 Jan 2024 16:16:49 GMT
location
https://www.unibet.com/stan/campaign.do?cmpId=2582340&affiliateId=1&unibetTarget=/eng-int/sportsbook/multi-sports/index.html&targetDomain=https://welcome.unibet.com&btag=81765197_5AC82A9B681E4F25AB212B63ECFDF86D&affiliateId=1&pid=74444021&bid=21775
p3p
CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
pragma
no-cache
request-context
appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
x-aspnet-version
4.0.30319
x-azure-ref
20240122T161649Z-1sc72q2b592shf695vg6dbkbts000000034g000000003smp
x-cache
CONFIG_NOCACHE
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 3CF3 		0
0
stv
match.prod.bidr.io/cookie-sync/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=3a9c19184d5ea072f5e6556cc8626083&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml280d_7326969544838784390&gdpr=0&gdpr_consent=null
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=M2E5YzE5MTg0ZDVlYTA3MmY1ZTY1NTZjYzg2MjYwODM=&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMmCp3KNgEr-gNj5ws9H1oI&google_cver=1&gdpr=0&gdpr_consent=null
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null&_bee_ppp=1
23 B
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null&_bee_ppp=1
Protocol
HTTP/1.1
Server
52.209.222.107 -, , ASN (),
Reverse DNS
Software
gunicorn /
Resource Hash
b74e7c9dbf57703b7b6bde0f9ef962837d00c74dfd9c5560e88ba61ea47a456b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 16:16:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
23
content-type
text/plain

Redirect headers

location
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null&_bee_ppp=1
Date
Mon, 22 Jan 2024 16:16:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
ads.stickyadstv.com/additional-scripts/ Frame 3CF3 		301 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fcolunadofla.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:49 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Origin
https://colunadofla.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1705940209662058-530
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 3CF3 		67 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&_fw_gdpr_consent=&vav=22bc7324ba5080a26267df128f331705&vaviv=04ea109f0be95008d594d9aba47233fa&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.8.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fcolunadofla.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
application/xml, text/xml
Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:49 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://colunadofla.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1705940209722013-509
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2E5YzE5MTg0ZDVlYTA3MmY1ZTY1NTZjYzg2MjYwODM=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2E5YzE5MTg0ZDVlYTA3MmY1ZTY1NTZjYzg2MjYwODM=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:49 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2E5YzE5MTg0ZDVlYTA3MmY1ZTY1NTZjYzg2MjYwODM=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1705940209717053-523
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=3a9c19184d5ea072f5e6556cc8626083&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=3a9c19184d5ea072f5e6556cc8626083&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RAVZZ15FT5AFW58V6WB7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:49 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=3a9c19184d5ea072f5e6556cc8626083&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1705940209742012-514
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		832 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
5dc4e95bb80ec44783c7c39a5ae1fcf7a4bf67350c289a342b6596b89e409db8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:49 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://colunadofla.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1705940209783023-598
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=33730156&_fw_us_privacy=&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=&playerSize=400x225&loc=https%3A%2F%2Fcolunadofla.com%2F
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:49 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://colunadofla.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1705940209906000-570
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:50 GMT
x-sticky-debug
Request blocked, limitation reached
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://colunadofla.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
collect
t.clarity.ms/ 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://colunadofla.com
Date
Mon, 22 Jan 2024 16:16:50 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 5412 		446 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14d8 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 16:16:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6f992"
X-Cache-Status
MISS
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=68797, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Expires
Tue, 23 Jan 2024 11:23:27 GMT
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 5412 		0
0
stv
match.prod.bidr.io/cookie-sync/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null
23 B
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null
Protocol
HTTP/1.1
Server
52.209.222.107 -, , ASN (),
Reverse DNS
Software
gunicorn /
Resource Hash
b74e7c9dbf57703b7b6bde0f9ef962837d00c74dfd9c5560e88ba61ea47a456b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 16:16:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
23
content-type
text/plain

Redirect headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:50 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1705940210665040-506
/
ads.stickyadstv.com/additional-scripts/ Frame 5412 		301 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=33787225&loc=https%3A%2F%2Fcolunadofla.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:50 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Origin
https://colunadofla.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1705940210657060-590
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 5412 		67 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=33787225&_fw_gdpr=0&_fw_us_privacy=&_fw_gdpr_consent=&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&vav=f1489d172f4d1ceacc1b66fab79ffff6&vaviv=abfe8dc9ca982529ec6519dcf2245444&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.8.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fcolunadofla.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
application/xml, text/xml
Referer
https://colunadofla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:50 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://colunadofla.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1705940210622099-570
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2E5YzE5MTg0ZDVlYTA3MmY1ZTY1NTZjYzg2MjYwODM=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2E5YzE5MTg0ZDVlYTA3MmY1ZTY1NTZjYzg2MjYwODM=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jan 2024 16:16:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:50 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=M2E5YzE5MTg0ZDVlYTA3MmY1ZTY1NTZjYzg2MjYwODM=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1705940210737000-580
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=3a9c19184d5ea072f5e6556cc8626083&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=3a9c19184d5ea072f5e6556cc8626083&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BNRRS4DZJ3A2FJS4BTTH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:50 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=3a9c19184d5ea072f5e6556cc8626083&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1705940210700030-601
11822513
api.attentionxyz.com/api/event/ Frame 4C61 		2 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.attentionxyz.com/api/event/11822513
Requested by
Host: attentionxyz.com
URL: https://attentionxyz.com/160-3c6e1570/amt.js?tagLabel=Dept_Agency_cm360&attrAdvertiser=11822513&attrCampaign=31208750&attrSite=7847497&attrPlacement=385568821&attrCreative=208026589&attrAd=576600420&attr1=%edclid!&attr2=j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.222.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.222.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accepts
application/json
Referer
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com/
Amt-Event
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJhbXQtcHJvZCJ9.8dotrQPk6rXdTZUfYiTmmCx3BKBZ0ngS9huOY_9Rk9s
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 Jan 2024 16:16:50 GMT
via
1.1 google
vary
Origin
content-type
text/html
access-control-allow-origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
11822513
api.attentionxyz.com/api/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.attentionxyz.com/api/event/11822513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.222.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.222.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
accepts,amt-event,content-type
Access-Control-Request-Method
POST
Origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accepts,amt-event,content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 22 Jan 2024 16:16:50 GMT
vary
Origin, Access-Control-Request-Headers
via
1.1 google
33787225
ads.stickyadstv.com/vast/vpaid-adapter/ 		833 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/33787225?_fw_gdpr=0&_fw_us_privacy=&_fw_gdpr_consent=&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
fc59ef41c60b7f255d5561bee48e359de898fbd49c52bef0b43736d9b862f002

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jan 2024 16:16:50 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://colunadofla.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1705940210731049-562
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=416676&zone_id=2350390&size_id=201&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=30&p_aso.video.playbackmethod=2&p_aso.video.api=2&gdpr=0&gdpr_consent=&rp_schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&tg_c.language=en-US&width=400&height=225
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.75.149.24 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Mon, 22 Jan 2024 16:16:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
188225
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473012&zone_id=2804598&size_id=275&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=250&p_aso.video.mimes=video/3gpp,video/mp4,video/webm,video/x-flv&p_aso.video.playbackmethod=2&rp_schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&gdpr=0&gdpr_consent=
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.75.149.24 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://colunadofla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Mon, 22 Jan 2024 16:16:51 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://colunadofla.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
74373
vast.xml
optimized-by.rubiconproject.com/a/api/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECTNZ2feq2tOOqU9chLyOO0&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
b1t-eudc1.zemanta.com
URL
https://b1t-eudc1.zemanta.com/t/video/complete/S5X5ZPWQJEWLXQXWO376MD7XHY53UNQVDRN2VBMELMPYZH3BILSR4A73GIYTASXNW5FZWL2LP4U7LASSKOVBI3K27XA4GW7XBMYZPY4MF27OQKHD3NWT6MMHHVMLQJLPN2HNCHB75ODDQBAIX56NNXVTS3W6PXSGTNEVB6YPOX2JCRRQIRN7AULALBVMSZWEONIMHVCYR656QI7GDGREJ5LHSZD6XJTKAUYBHFLWJAT33VOTOU2DLY2D2SJ7FZM5RIK22NXYZ4EAQFKCQU2WUJZJDS3MUZP5S36XRS6RHPBE4Z5BUWVAL55POL76AYID7R7BSFHJUPWJQEPXPURBANLMD2775WC3BNOKAPAM6BSISWEVHBCYSZHEUEYNIOYY/?
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CiSzc45SuZY38FcHd1PIPqcSfkAupjsflcuDWzamNEsCNtwEQASAAYJWqs4LAB4IBHWNhLXZpZGVvLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEF4AIAqAMBmAQAqgSgAk_QrLZrbWpJkjHDvR0waejsxaK9_H0yG_58g3LnAlvax-lKhFGJM1N5e1HeGA-1ZMy6yQWoeftgRYQooQYoCn3MTHTSDrQO4h5vpkl_WQdkhhLgDDOih8O4GWIuDGKPNTaSjTI2ZHwKNLBx02RvFKVu78kxAP4klLgPakUWJ77JQSQziKaUHp9lpLUWR76SQNhtfdDsz5ks4nj7_q74_sLO7PKj9M_9dpTO4NpCgLda_zbR8eacZ2-V39V-nYtf_PY31BUOEsIqoEIJktAGyPqs5_WN99gRrinJvrqHrjVDGUy_h0GFvAgS3W6qZkRzLbms64_cylUU00t_cQEEApwVoE7NmSNlqR1-74OHK85ixPqnexHdEeNFo10u9-Z8vOAEAYAGj_2K-qPj1a9WoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WIH05rqy8YMD-gsCCAGADAHiDRMIuLrnurLxgwMVwS5VCB0p4gey0BUBgBcB&sigh=0tSNIJZcia4&label=videoplaytime100&ad_mt=0&sdkv=h.3.613.0&vci=CosBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoLQWRTZW5zZS9BZFggBCoTNjIyMzc4ODk4MDI5MTQxOTc5MUDBBFIiEAQlAAAgQSgBOgd1bmtub3duQgd1bmtub3duSPcBUABgAloiZG91YmxlY2xpY2tieWdvb2dsZS5jb20tb21pZC12aWRlbxgB
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lrp4qvwi&c=7075895314372&slotId=3537947657186&qqid=CM356Lqy8YMDFcEuVQgdKeIHsg&gqid=45SuZai_E__41PIPoty9wAE&fb=ima_html5-lima&sdkv=h.3.613.0&ppt=google%2Fcodepen-demo-&ppv=1.0.0&mrd=4&aab=1&itv=1&uet=2&rec=loaded-1%7Cshow_ad-1%7CcreativeView-1%7Cstart-1%7Cimpression-1%7Cmeasurable_impression-1%7CfirstQuartile-1%7Cmidpoint-1%7CthirdQuartile-1%7Ccomplete-1%7Cstop-1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGE0Njc4ZTUtNmQwMS02NzZkLTRkZDQtOGEyOWE0OTczZTQ4
Domain
cdn.stickyadstv.com
URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1705940209688
Domain
cdn.stickyadstv.com
URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1705940210674
Domain
optimized-by.rubiconproject.com
URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473012&zone_id=2804598&size_id=203&p_aso.video.protocols=2,5,3,6,7,8,11,12&p_aso.video.maxduration=250&p_aso.video.mimes=%22application/javascript%22,%22video/3gpp%22,%22video/mp4%22,%22video/webm%22,%22video/x-flv%22&p_aso.video.playbackmethod=2&p_aso.video.api=2,7,8,9&rp_schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

263 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| dataLayer function| gtag object| _wpemojiSettings object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| googletag function| onYouTubeIframeAPIReady object| gaGlobal function| $ function| jQuery object| a2a_config object| a2a_localize object| rest_config function| check_instagram_cache function| fetch_and_cache_instagram_count object| objectL10n object| helper function| YOPPollBasicScrollToMessage function| YOPPollSendBasicVoteWithReCaptchaV2Invisible object| YOPPollReCaptchaElements object| YOPPollHCaptchaElements function| YOPPollOnLoadRecaptcha function| YOPPollOnLoadHCaptcha object| wpp_params object| WordPressPopularPosts object| rest_api_conf object| wsluFrontObj function| xs_social_sharer object| cnArgs function| documentInitOneSignal function| OneSignal object| script function| clarity object| gaplugins object| gaData object| a2a function| a2a_init object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| ggeac object| webpackChunkcoluna_do_fla object| Popper function| b2a function| a2b function| ai_load_cookie function| ai_get_cookie function| ai_set_cookie object| $jscomp function| ai_process_elements object| targetNode object| config function| ai_adsense_callback object| observer object| Arrive function| ai_process_element_lists function| getAllUrlParams function| ai_process_element function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| MobileDetect function| ai_run_713077988569 boolean| ai_js_code function| ai_document_write string| selector_string function| YOPPollBasicIsFacebookBrowser function| YOPPollBasicGetPollCookieData function| YOPPollBasicGetCookieData function| YOPPollBasicSetCookieData function| YOPPollBasicIsResultsShowPercentages function| YOPPollBasicIsResultsShowVotes function| YOPPollBasicGetClassForColumns function| YopPollBasicShowResultsForTextQuestion function| YopPollBasicLoadBuiltInCaptcha function| YOPPollBasicLoadReCaptchaV2Invisible function| YOPPollBasicLoadHCaptcha function| YOPPollReCaptchaFilled function| YOPPollSendBasicVote function| YOPPollBasicUpdateToken function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| ai_process_lists function| ai_process_ip_addresses object| twemoji object| wp undefined| google_measure_js_timing number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 function| _0x3775 function| _0x3680 function| _0x404c boolean| NSNLoader object| NSN object| jbaMaps function| addSize function| createSizeMapping function| getSizesToPrebid function| getBrowserName function| detectDeviceType function| insertDiv function| getOSName function| createElementWithAttributes function| injectElement function| TrackingHelper object| jbaBannersHome object| jbaBannersCategoria object| jbaBannersPost object| jbaSpotConfig function| AfterMarket function| insertBanners undefined| networksAdUnit boolean| bannerIsEureka object| style object| arrAdunits object| slots string| scriptVersion function| ouller function| runAds function| tailGPTKeyValues function| jbaInsHeader function| outOfPages function| insertAdSense function| modalAdRewarded function| loadScript function| displayModalAdRewarded function| atingiuNumeroVisitaEspecifica function| premioResgatado function| setCookie function| getCookie function| insertAndConfigurePrebid function| prebid function| displayThirdAd object| data object| refreshCounts object| impressionCounters function| GPTLoaded function| isInViewport function| createElementsSticky function| positionInsertAdjacentElement string| confirmSlider function| jbaHide function| jbaShowHide function| jbaCreateDivsParQuerySelector function| afterJbaCreateDivsParQuerySelector function| jbaQuerySelector function| replaceJbaQuerySelector function| afterJbaQuerySelector function| beforeJbaQuerySelector number| contaOverlay function| jbaInsAd2 function| jbaInsAd number| meuScriptCarregado object| _ttprofilescache object| google_reactive_ads_global_state object| googlefc object| TTTagManager function| TTTagManagerError object| _ttq_tteurekaads object| dkpbjsChunk object| dkpbjs object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZjkwY2YxMTBmMzMyOGQ1MGxvYWRlcl9qcw== string| ZjkwY2YxMTBmMzMyOGQ1MGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady number| google_unique_id string| n object| cmds object| _tteurekaads object| ttcNamespace object| _comscore object| _ttq string| nq object| _ttconversion string| version string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace object| COMSCORE object| ns_p object| GooglebQhCsO object| GoogleGcLKhOms function| TTBase function| ttBaseE object| _ttqHolder number| __google_lidar_ function| __google_lidar_radf_ boolean| 07261338-344b-48bb-8536-6e30e9edcd18 boolean| force boolean| debug function| a0_0x13fb function| a0_0xda0f function| getScriptURL object| google_image_requests object| closure_lm_856784 object| closure_lm_776973 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| arrive function| unbindArrive function| leave function| unbindLeave

63 Cookies

Domain/Path Name / Value
.colunadofla.com/ Name: _gid
Value: GA1.2.1424359539.1705940192
.colunadofla.com/ Name: _gat_gtag_UA_60738862_1
Value: 1
.onesignal.com/ Name: __cf_bm
Value: ZJUazSaF3kjIGRobNC7b1Hw16icuUo_os5E2aQDX8Ck-1705940192-1-AezD5sJCdz+8t8b6v8n4/CNIoJLpKL5aH7Ur6R/5KAZ6GPjXxw2bRpiPS9jBj66CPEU1LLfG3tTHY1PB4IDYsdo=
.ad.webads.media/ Name: uuid
Value: 11e07a6f-d972d783-65ae94e0-5782-c9a18278
www.clarity.ms/ Name: CLID
Value: 058e16a57a8d4733bdbc6a6736c93803.20240122.20250121
.colunadofla.com/ Name: _clck
Value: 1go0a60%7C2%7Cfim%7C0%7C1482
.colunadofla.com/ Name: _clsk
Value: 1vhfske%7C1705940193104%7C1%7C0%7Ct.clarity.ms%2Fcollect
.colunadofla.com/ Name: _ga_P70CXNKW5H
Value: GS1.1.1705940193.1.0.1705940193.0.0.0
.colunadofla.com/ Name: _ga
Value: GA1.1.1599854402.1705940192
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.rubiconproject.com/ Name: khaos
Value: LRP4QTMG-J-G3Q1
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qr0c4eKwX/zj8zzH/SUMvpGs1wMD2ZZQDLgyZJK9vs5UVORscWZ2JMfNndO8UJkHkG1EZDq2xA7yCYbB5SW5XQ3Rk/4rLqL7noijy0RC4Zd8Ri5j99IjSR+
colunadofla.com/ Name: tt_c_vmt
Value: 1705940194
colunadofla.com/ Name: tt_c_c
Value: direct
colunadofla.com/ Name: tt_c_s
Value: direct
colunadofla.com/ Name: tt_c_m
Value: direct
.colunadofla.com/ Name: _gcl_au
Value: 1.1.1593730856.1705940194
colunadofla.com/ Name: _ttuu.s
Value: 1705940193823
.doubleclick.net/ Name: IDE
Value: AHWqTUkMm5bC-mghmBjaQTza7D2InLGpGLB2P8HDVTSGyi-GxI2TEK3lSnnx5nEu
.adnxs.com/ Name: uuid2
Value: 806418147471273994
.tt-9964-3.seg.t.tailtarget.com/ Name: trk
Value: 48g4gc6Uau2UcSl8yyLFW9ZW+VCHEtE1VWrViWzM4H+XF/WHG72TXnnOj2cNdvllFb5Wh7HOAvAfuTA3vPYnyJCFEXKr5BGaJPlWnIus77A=
.t.tailtarget.com/ Name: _ssc
Value: y
.t.tailtarget.com/ Name: u
Value: fwAAAWWulOF1KQaXXQL4AgB=
.bing.com/ Name: MUID
Value: 0D74168E42E26CD418090280434E6D3F
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 0D74168E42E26CD418090280434E6D3F
colunadofla.com/ Name: tt.u
Value: 0100007FE194AE659706297502F8025D
.casalemedia.com/ Name: CMPS
Value: 5182
.colunadofla.com/ Name: FCNEC
Value: %5B%5B%22AKsRol_kJ99Ra3ugWWgqBfktmcSHOgPMqAbteSTUmfFjID2Ha81GnCZbRCAnma4fgvjniPkYojJRPef1nRHAL0ADOzW4PmumcRBaL1hl5H9TJ8N4rueQ2ntDA-Kz2vZt7zF7Bg0BoLt3pQqWUl-G6PfAZvcSWwv0pQ%3D%3D%22%5D%5D
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 0D74168E42E26CD418090280434E6D3F
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.casalemedia.com/ Name: CMID
Value: Za6U4ZN7oIWYpN0MSEQ1kAAA
.casalemedia.com/ Name: CMPRO
Value: 3248
.t.tailtarget.com/ Name: ttbprf
Value: ___de_1705940194133_3648182147
.t.tailtarget.com/ Name: ttc
Value: 1
.t.tailtarget.com/ Name: ttnprf
Value:
colunadofla.com/ Name: tt.nprf
Value:
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?esx@UG!]tb68i_iqf!oN/@E'zz<*Z0QhkHE`0TSFtBy<yBr*G.gF=W/xJ)oNl1xN./TD._*PlZ[C[-kX-Drv2m
.doubleclick.net/ Name: APC
Value: AfxxVi45dzfcvE62z7SSfJpZsI66e8B-0E0FD3nXMbBqFnvX4aryJQ
.tt-11382-4.seg.t.tailtarget.com/ Name: ttca
Value: _1705940194
.colunadofla.com/ Name: _ttdmp
Value: |LS:
.adnxs.com/ Name: XANDR_PANID
Value: AkO2PuUHgDR2amOz8eVrHkULl0FP9TkKEaiGke6ojiepuJzOUuDRQqcNdg9DtGbkHpNY5QyHJnDALsX9qunPwvE8V4XnamNYyBz4shRExoM.
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bkpa
Value: KJyNpWWvQY9xxBcENejNjLhjuJLrWiD6AY/k7EXHVdblIB1MJDy1krh0ujEiNjCwuzVcBbx0yYGh527A3s6J+sn3+Mzp5RYmTzKf3VSa8nEepgAoWJLjtK9cj46kYx==
.bluekai.com/ Name: bku
Value: ts6O9mmDgZP+gdGh
.tt-9964-3.seg.t.tailtarget.com/ Name: ttca
Value: CA15795,CA15771_1705940195
.doubleclick.net/ Name: DSID
Value: NO_DATA
.t.tailtarget.com/ Name: n
Value: 1705940196
.t.tailtarget.com/ Name: tp1
Value: CAESECzx4GxJdq6slsNhk3duKrA
.t.tailtarget.com/ Name: dc
Value: 1
.colunadofla.com/ Name: __eoi
Value: ID=8023e89718981db4:T=1705940193:RT=1705940193:S=AA-AfjYfxisHrswccW7TFhfLDh8l
.colunadofla.com/ Name: __gads
Value: ID=4c3a249bd5b78a8a:T=1705940193:RT=1705940193:S=ALNI_MYDAVEIsb3uESj_zEVJgOheuM-d2g
.colunadofla.com/ Name: __gpi
Value: UID=00000d4791202854:T=1705940193:RT=1705940193:S=ALNI_MZ3b9m_LhKYiupcKmCnZBuxYAsElQ
.colunadofla.com/ Name: _ga_K5T6DQS0LR
Value: GS1.1.1705940191.1.0.1705940197.54.0.0
.doubleclick.net/ Name: ar_debug
Value: 1
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: fa436a80b2934d2c
.retailads.net/ Name: ppb2172
Value: 3480009841
.ads.stickyadstv.com/ Name: UID
Value: 3a9c19184d5ea072f5e6556cc8626083
.ads.stickyadstv.com/ Name: uid-bp-159
Value: 1
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1705940197579,"clickCookie":false}}
.futalis.de/ Name: raSIDb
Value: 3480009841

24 Console Messages

Source Level URL
Text
network error URL: https://www.sofascore.com/bundles/sofascoreweb/js/bin/util/embed.min.js?ver=6.2.3
Message:
Failed to load resource: the server responded with a status of 404 ()
deprecation warning URL: https://www.clarity.ms/s/0.7.20/clarity.js(Line 1)
Message:
The keyword 'push-button' specified to an 'appearance' property is not standardized. It will be removed in the future.
rendering warning URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js(Line 14)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering warning URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js(Line 14)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering warning URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js(Line 14)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering warning URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js(Line 14)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering warning URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js(Line 14)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering warning URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js(Line 14)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering warning URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js(Line 14)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering warning URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js(Line 14)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 507)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECTNZ2feq2tOOqU9chLyOO0&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=48099500138177804444994012577027&t=htlp&gdpr=1&consent=1&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 500 ()
rendering warning URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js(Line 14)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
network error URL: https://b1.trickyrock.com/btag=81765197_35BBC6679B4D40E3A84416FDB0255F3D
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.bwin.de/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
javascript error URL: https://colunadofla.com/
Message:
Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGE0Njc4ZTUtNmQwMS02NzZkLTRkZDQtOGEyOWE0OTczZTQ4' (redirected from 'https://vidoomy-d.openx.net/v/1.0/av?auid=559614560&url=https%3A%2F%2Fcolunadofla.com%2F&cb=832558&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C52453%2C1%2C97527655624020343881492419615%2C%2C&gdpr=0&gdpr_consent=') from origin 'https://colunadofla.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGE0Njc4ZTUtNmQwMS02NzZkLTRkZDQtOGEyOWE0OTczZTQ4
Message:
Failed to load resource: net::ERR_FAILED
security warning URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.unibet.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null&_bee_ppp=1
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
security warning URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options “DENY” “DENY”
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
48ef028dddf3a4840570a474250858c6.safeframe.googlesyndication.com
4cywq-eqnre.ads.tremorhub.com
4funevyslk.execute-api.sa-east-1.amazonaws.com
5994599.fls.doubleclick.net
a.vidoomy.com
ad.doubleclick.net
ad.vidoomy.com
ad.webads.media
ade.googlesyndication.com
ads.stickyadstv.com
ads.vidoomy.com
adservice.google.com
adv.office-partner.de
adx.adform.net
analytics.webgains.io
api.attentionxyz.com
api.webgains.io
attentionxyz.com
b.t.tailtarget.com
b1-eudc1.zemanta.com
b1.trickyrock.com
b1sync.zemanta.com
b1t-eudc1.zemanta.com
bid.g.doubleclick.net
c.bing.com
c.clarity.ms
c.nsmedia-advertising.com
c1.adform.net
cdn.ampproject.org
cdn.onesignal.com
cdn.retailads.net
cdn.stickyadstv.com
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.t.tailtarget.com
cms.quantserve.com
colunadofla.com
colunadofla.com.br
csi.gstatic.com
d.tailtarget.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
futalis.de
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900027.redintelligence.net
ib.adnxs.com
imasdk.googleapis.com
info.nsmedia-advertising.com
libs.outbrain.com
match.prod.bidr.io
onesignal.com
onetag-sys.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
prebid-us.creativecdn.com
prg.smartadserver.com
pubads.g.doubleclick.net
pv.medialead.de
region1.analytics.google.com
region1.google-analytics.com
rtads.s3.sa-east-1.amazonaws.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
scripts.nsn-server.xyz
securepubads.g.doubleclick.net
stake.com
static.addtoany.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.teads.tv
t.clarity.ms
t.tailtarget.com
tags.bluekai.com
tags.denakop.com
tags.juicebarads.com
tags.t.tailtarget.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
tt-11382-4.seg.t.tailtarget.com
tt-9964-3.seg.t.tailtarget.com
ups.analytics.yahoo.com
us-u.openx.net
v.lkqd.net
vid.springserve.com
vidoomy-d.openx.net
vpaid.pubmatic.com
vpaid.vidoomy.com
widgets.outbrain.com
www.bwin.de
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.google.pt
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.sofascore.com
www.unibet.com
x.bidswitch.net
zem.outbrainimg.com
b1t-eudc1.zemanta.com
cdn.stickyadstv.com
cm.g.doubleclick.net
csi.gstatic.com
googleads.g.doubleclick.net
optimized-by.rubiconproject.com
sync.search.spotxchange.com
104.18.28.137
104.18.36.155
116.203.19.36
13.224.103.16
13.42.201.144
138.201.63.149
142.250.184.198
142.250.185.129
142.250.185.130
142.250.186.130
142.250.186.98
146.75.122.132
172.217.16.194
172.64.150.27
172.67.14.13
18.134.214.132
18.134.84.23
18.165.183.30
18.165.183.57
18.165.183.76
184.30.22.30
185.184.10.30
185.86.138.123
185.89.210.90
190.89.238.20
190.89.238.88
2.16.97.41
20.114.189.70
2001:4860:4802:34::36
212.36.83.215
212.36.83.246
213.227.153.220
213.227.153.225
216.58.212.166
23.35.236.201
23.35.237.86
2600:1f18:1aca:4280:7d2:94c5:1ce1:2c8f
2600:9000:2450:e000:8:48e:53c0:93a1
2600:9000:25a2:5a00:1:825a:8300:93a1
2602:803:c003:200::45
2606:4700:10::6816:47c5
2606:4700::6811:180e
2606:4700::6812:170e
2606:4700::6812:d63b
2606:4700::6812:d73b
2607:ae80:4::26
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:46::45
2620:1ec:bdf::45
2620:1ec:c11::200
2800:3f0:4004:802::2003
2a00:1450:4001:800::2001
2a00:1450:4001:801::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2008
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2006
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c0b::9b
2a01:4f8:d0a:2321::2
2a02:2638:3::c
2a02:26f0:3500:11::215:14d8
2a02:6ea0:c700::18
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:1914:d700:cc0:d4c3:f0a9:6185
2a06:98c1:3120::3
2a06:98c1:3121::3
2a0b:4d07:101::1
3.133.85.98
3.5.234.115
3.71.149.231
3.75.149.24
34.102.185.99
34.117.222.118
34.96.105.8
35.201.123.184
35.214.149.91
35.244.159.8
37.157.3.26
49.12.22.42
5.196.111.72
51.75.86.98
52.209.222.107
52.46.155.104
52.67.30.58
54.156.106.93
54.207.143.148
54.73.100.143
54.77.210.46
64.202.112.127
66.102.1.154
68.219.88.97
69.173.144.138
69.20.43.192
72.246.169.24
78.46.111.106
85.184.96.28
91.121.248.44
000ece53b2387a99f868ac9944969bf7e35932c25515f8c1c1891d3cc8bb4291
0127ca2d8cb02fc6d26d60997ece08759fcd903eaf1d2204bffe904965fc9e20
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
029dedf319bc4536d9c663ae9c0b10c95d1e9f5dd1de0aa73172e9e89ae254cc
05563cef2249b05003b3b5a327b4cdbd03f6c51b026995bd857712371413b602
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
086f68b75e10cff78c11ff7d8159c9bbe5bea67202280ea74a6ddf5a1d8e44c6
0875475a32cdebb10f70bee3abe4f59d6a68e78306e8f2c5d52e690d2707267d
08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c
089e272d2ab92086fb22f6645e11108f328fc655f35f29cab15da20e37c0e968
097db156a836a8fad51b77ac67f94b30ac55add0d16fe9b666ca4aeff3681e00
0985bf9b257363200e40708247b194352c42a5869820b522c7f8d05949026c55
0ad2c35b5c6285b74710e2e953b699ea781dcd49b455cf38eab359cc96db6baa
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba0d95f6584fe1c04215b4aa924eb21b06e7d7c13ed6aa4f3a18efafd01df89
0c2afe310f81e0cc65e85d2ef9550b4cdae58b8ee6317eb39b163f0c289ae2ff
0cdcfa51bf7c0951161cf2e242a6ebfda64367f3aabce61b9a3a92b68baa0b49
0deaa650a7fe01f8a6a7e08269022e8db0b67c19c3137a734dab508726fe4590
0dfe1f9ce8410e9cd1eb921153319aa98dd53d12a6e4fb0efca81ab345bda814
0f45b8ed412490e0d354a3f0c68a730d2599456dbc2ee5bbe38487c047cdb939
108bcba14581350a7815b5caa02835f1157276a442ee1b426fbe23bb6fb8f3c3
128130c4ddda9b91546695f014149bc57d2acc8b698985bebe3602b8aa6e7d1f
14f146cd51b8689ecc324ea735199d3f90998a9075ae9ada58b40849e5ccb68b
15c19d3a4513b5ad0004bfdd0ccb80028ed2f3d5049b827a7fb8119a8a874902
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17d206c671ea31ec9cbdb36da6f132b1d9bff0db72a2eef191384baa525f04f1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183ccec5677be65f03127c16d3b2e7e50987a0c4eaf110ac183c9d35d00744d5
194df184f92e5a38d2d2216df38a41e2ed5c2ac7992a0479069a6a1127301e21
197c59bab4312d499aefeeaa8d93c57f65c422db6e8e040b4d1f747d008d3c01
19dc5f765d51f715497f0eadd0dede8eaa5ee17447a22db60538f60ca7c0a01d
1a4b902ac54ad650b9a769f13341e985de506c4ca0e4cd6d6c4b0f36d61a6573
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1e842acee4094f83bf9950e72f7edd8996ecfd0b43f2151d042c30da6e63d439
1f83d57c4d06966676c266a3195b7ff0e8561ab8f2f61383951cdb22f4adbad9
1fc5ad13b04dfb7a0f29f735a67003d71d8f34966a7a74522c1cf7898e331f43
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
20f2a2a55eece0eac1b422599e89ab8c19bf06e64f38580c40e8519c664d54fb
215f7359036ccc412e703af5be1462f44cdf84aa907782a3b35d307cd46df68e
2201faf7dc1901c58428a4855b903fa2c161e298c5a8bba997e2e1642619df3b
235b98e9724beb6c5d4365e7f097c06fb0ac3208e38b1ddbd401a375203f655f
24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956
247d97b8046a941994933d2da467829c240d01c86aef6705abe3850d25d1f264
2501e8e02f5d1fd15ffff691da384eec93ce81cdfacec12a8c41459b660bf0a8
2511835e10bf832171c1f0444d0d055248c0facecfd6215000f3eff87703b99e
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b
26c6f50cb469395333f4d73b569af05aa27b786e731c3760882ee27f34eb6046
274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad
288a22ffc91efc3d480223a6d01055f0a9cccd13edceeae7fb82ce9dee9d7896
28c3c870b108de44515202b00add27b8b61bd8c0daea633f5948ef748dbd2c15
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb
2b42cd3660f6bf3f2c6f3a60cd9523eee7ac9b544e7ae928a269dc1c0fa1e366
2b67702d4e78a4b6d5981a50298b0989dea48fc7d95b5e593dfafbe96cdbb309
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dbf0033c76d6c789cce7caa4dee2f95a16d6582f6081e6d22d5d466ad48eb87
2eefcc491168e6bebf37b7ad06fadfbc5f3ad2a2fa1f6b9fd4368830f472e4eb
308eb8b554a35b4a32b0a5837749cc8b31e14762014465d64d56ecb26aea49c5
31489288e85672dcc3dfb19e97f035fbef57b28ee36021a93de30463cc92cae3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5
3245bffb513edafcce8abd7e2d303a891cd060e39d029bcc1873d3c2a9da1e2e
326f8c72e1d162d98847121057bf611395ba0b9e157affe05208c9acfaedac65
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35000276f83199c7bf1b7cdd6cd4e2e964922951185291bfeb7accc8c83f2408
35be1ebb43bed842807451baa451ce5ce858501724e712d008295d0044af80e9
372360f6d3fa2133dfbf08ba93b3b55985785cb74106d75839618b7d273dd3c6
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
37fccb1c28e7bf54c11bec26a3ba55cc10f901b138fbd21aad32ef3578229da8
38105aac42d1610743fba1feb58227a93739e52333b57597bd988ae71dad6353
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3860635dae56adc091d0f38baf9183d9373782e4fca9884535d8eb60d90e4ba3
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39ac5f1027bcaf08d58abeadaef1d1a3f960334631e7dff4c87b470954fe7e2f
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3cc26bbf7beb47b9f7a4b9dc243188c9bbdbe260225b4e31ad6c18dc2c9ce7bb
3f6b1fb1e88bd5c6cfbc9b558ba3e5ceb8608f3e1730283becbfa0cc0b13bc53
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
404fc6033cbb4f69830fdbea2a5ddb36791b06d6d0ca28a27fd27ec66d47c19d
40b42a4b951e1debd0ebd175497e9d7e892f9f2b7f64494522347caf30de978a
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
42a26146ae91a29d6f31a955b4d1ed23e36ae77bbdafb5467d24db269345a667
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43939b89186b244eeefdd0dbb39c9562b4603d307b5274a4df9132e73949401c
43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f6db744eeb76ff8647b8791179a3f7d92e9a8a4a0e339d907b0c4b2869224c
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47fd816cb2e3da1fee07464daced010c851db9a68768a2ab7c1e05ed28195e6a
488e30e6f97933448a60975b7da58f45d88092cbb46b8e123c77eece3f3c9b44
4abba191223d78eea7532e5b14e836b24b4a391ae8039f4ef76fe6a68cbd9970
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bbd7300e889d424cd0f3e8b57ead3910523c901da91a3368c37c4b19156e371
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4da9f9f876a19f081e2471300deb0e414a5a4cecfac55b0619c7b1238565b479
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9dfe40d41586accab5e3019f91cdcc3ce67b70579842047bb412d17cc1b409
4f6bc8a60f49ac5dddf6fd0c24154365852936219dcdd2d3a8e6ff2212e9fc5f
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
507a74eb21e9a16396d226f31f5e25345a8208db821d9fc5798284c38bec5e1b
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55702ad7bd542f20600a014e59b095828e4c2df0860b2ee4707b298732acb175
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ac839c18d495810e07a56d9f19fe2a37d1b776f4b40c88837a1344250f5d56
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56a5537922108a136b902e889d8f654cd4ecbd20af988e6e7719c5d00a5ab021
570e5935bf2d1e5866883b714d5a35073a1b21104ee0d6baaa2dae59fbc8eb83
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5c172991c182b24f947b01b8f5af8da4be6f3eddc665b0eaa2677cc29f93247d
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c99f45ba59060acda2eadde3068025d50b2fa0f055c2a8d07fae8c61f8cd768
5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7
5dc4e95bb80ec44783c7c39a5ae1fcf7a4bf67350c289a342b6596b89e409db8
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5feb0418f2fa206c78b1da503b3f14ee8852ad25956f30c6db1ca92046badc8f
60ebd54f8b161fc21ec650f7d074c95eacbdf19bd617a70bae78e1aae631ecbc
60ee486be9faf989f46472517ee3598f7d62842fa1774657d9c97f217ab14b95
61bb6a12927ad37b7421b359b93b32d4c6bd48de246ff47b7c56d8b1e1986d76
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6210a6c4c95a7e3dfae5d73280b92f3435ab4e10d20d663ae4fc31aee3e6609d
621a52a805a8bf400ad1153b715536d6e6f34c87a047ebb33eeff3129af31581
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6331962d9a394637b13f868a1a8444fbf6493822f7f22ecaf50b4d873cebd000
6483497030d8a8a867ad8d73741e2ef5db405364ac86a2c28bc93f39aa6f1cf1
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
6546af074ffdf078d2767a671778e74def5d9e5f6fe0f768607ee7cd7d10f2aa
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6834c120fee916b51e0eea087308a0d758983840dd02646048fda85729f5371d
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
69df3b7920cf9a280f919e25f02cbb0990ab56e89f4aa42340ef11ec44da7288
6c22bbed0afe926a4ad7941291775e6b212006a5d26a720b253a8c028c870cd3
6c6bd0e70922a9996b2ad0dddc5053164128a677eb645e56041bbf29b9669eaf
6da805276a266f21e76a3baa90927665780099aed2a27c83befeddda91f14123
6dc6adc5cdfc68bdbd329f401683fd3a50cf03f5c3eb35d20eb3cadeda248b76
6fdc8e3711ec8a92eab0c0b0c6cab132a32952f82120505f5232ccbbaf58f6a4
6fdd4e9b40aca531e10530f776c3fbb6ef8c74d360d93a75a23cb22153fbecbc
70242fa4fc32014697cfb3f0354b1464db9d118b5f5bd9d9ce5e0005258fbeca
7081b35bdd0f1ba60fcb80e1ef5bc535b4010d10bd97cf40a362e67819ab5e98
714ffaa29a516013a6de7b1e8c5caa1e32f29eb1932bf9ef3735e991d81a2204
7156463940940f05c469ec58036a8b1ce3e2056ddae69f97f78aebee81a797de
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
76a635a7ed47dd7005fe201baf4c3d1633e6185f199b99b41755a77a51057677
77cb1878bbed73b5a5ce48dcd4689d950dfbb69cd27b0596ae5648417bd261f7
789c309db6cd9d6d31cbe19ae0adf1ceb07fc8b4f485f45bf3e444dd0de457ac
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7aa81bed43a77da928022ddde3a276a568fef79a7ead10e5a11d5396c6e88965
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7bf0ae7646f9381dd200f2fc2f9b11f1cee4d0a7faf4bc3047e1575a4e75de93
7c237d08b31ee7882d5eb58e69ac94a479b4bdfd0bdb4bf04f91c37effad0fb2
7ce20db5c7aaf6ddebdca30ee9ec0ca76b1e317cef43ee20caeaba9800e64abd
7e2f86ad6ec72057d9f2637a493fd57baf8119fc0eaab5cba162f69a1e6fe966
7e94ac307f582667740067e3a7b956f8a7a3e682ba23d0a54e653641f01d41be
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
83748e7d0dcc196fda4747369084720b0a3704c93e8be21b0f12fb5cd50a0ca8
84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90
8646c1db3a90c0f44884813424a81365a68e1a6b8597d8051798aed6eea890d5
87d3b016132d08785375bad54750e448501458f04a7e87912382c0d2a103aa9d
891434a53c2259333f992e7e3407dec9b5ec0749d2a8b1de71df30372f158fbe
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bb76af1be9c401ef3da16e31401b74f7cb0627154925d8c9fa308fba2e1413c
8bb76b6ed760de97f8a40e71c79ce9704e965bb287761bd81fb2fb021b8609c5
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
8ea45c13252367fc259c1471f58c262fe44818caa0dc456e55bcad63efc357e8
8f0316fc8452da46add24d4b481940a02fc19adcb04b9e6718714fa74ad60051
8ff902cb97f360fdfd00e9cb012ff782303ff800cb1ddfff8cd9534cc704c74b
90bd2d967051c98f6c3af6c56132e92a81470be38cc6a3826114e1833060d646
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
91cb02bfb33928a99d6c3457c7fa8df349a398fddbc9d1f0b8b16213964ec014
925a1524e21ee86526ce6afa23ac2408d2ea45adf8da204726be194f170995ce
929dc36297d25b8b341eead18b0f6e9a286e24471b4261bd03c2a343817a96a4
96085d39ff9098e43cb0346b92caab9040ee4aff4f60aada77322ccc2c07ed20
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9875805105555fce0ea7336f32bb53232dab4913d49ead3628cecb5a63134517
98bc0ff841905cab19f5547a968e3b460b66db494f718b085a0e20278703ce68
98bfefae3e5a5985f992609b18504f8806a876e3cd7faeb28e674e913bc756c6
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac1966d4413f7cec47f7c3be288014ee9cf2b50d24ca55c530a718a0dad2cd5
9b059c3e4037c4cc0176dfa1ef99f324dceb6d45a11fc2059e44f7a6049b092b
9b9b05f6766e37df8d46ec386fdd949e27c6ed1d762fec3fa670b558fc484743
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9cf86c10974e62704e743362cf42dee66e4fb00250f8661322ea0d9ee3ebf9c8
9d9faf92d5031707ade900a893ce95d561540cf4e8df13ccecfe2ee9c63dde01
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9ead9370a81a011602258defc1010f1b2ff6e2ad18d9a6f6e968c70bb2d4b0a9
9ec0b5ca45945ff681b90cbf9cbcc7c3046483d65894dc576f1ca2dcfe6726f8
9ed20db9dee571acb44c9bac65e974a4039edee8fbc70176d958bb3fbf685c30
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a03772619be364a1b7ed76e03b8533cbe7349d5ebae356251f9374dcaa18ae96
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b68371bf28651c37d47439b4696b4a93db6e2a1e66015bb371197bc4139e05
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5
a31245a86f3d29f88e77afd309ae08f9ae63760d29772bc405fb269f743a470d
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a448773f6f8d12eb078e585d58bf4f1f4e1f4dd5d62118e10a530540ace7ce69
a55f386367cbcc30390435806075251b8ef4afb086409bc8e301558223398245
a5b2665050154a908f93b008604837aa6cd5d0fd6914338cbfe13c0ff0a2934f
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a72990ce8413aceedbfbf2f1d7ca2231c726b29a4ab1ddbca32b45ad685b4e26
a8cb46c35bbff9b025efae81ad117510cccedc5df75e417696109f381472b673
a956fa209752ea88e56e702848e3439ff71af3acdbf7853648d6d6a87fbd58c4
a9d0bdccf251b58716ddd7fee8c65b66ebcded9bdb0e6c8247d6dd010a8a0106
aa1f211bb7e5e55474c82ad9c520623a0e456949bf70c45d5dae80861e2abce9
aa411e365e755452288fdcd76f77047d9add3515df614e149900b4bb6979ca39
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abb0f964c9209344eba89cb789ed800a211da042d8341fbe4144f254d16e0458
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ad6c79ffad86b1b363fbe442f80653301568855a475130d9908b0c8a5f7b16a2
aed3ba6251e85d6729f7d2473e23d55287d70f3e9456546019992c0ac310083f
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b127a23ecc6f89444978df823ef1e9086efb39b89cdc4ef7f2814d93d6eed2b0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27755987b778739fa8e53c14f08af5d671764324747151347b2924a72506242
b34944bed035257d12c44baa3ff066dbb6589fdb89870724d3105c6f9633227b
b3593c5d38a9de54e41220e2c52194a6bcd90b21ed66e70d05fb434d81a2c1b9
b6551ab75532088f09dd823ef9fde257cf73bddb82166326f97fbbcbf438deac
b74e7c9dbf57703b7b6bde0f9ef962837d00c74dfd9c5560e88ba61ea47a456b
b846e8deb6704662c84437b86d7be89b508bc3510e251d0fa8e34f4610b24e2d
b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1
b8ec1febceb168d619f0eac5f43af9904a412487d3ea68663733c98aa6e07638
b929ca11c78d94ed0967b5d4dd77eb6b209cebb07c536530eeb0c26bfd4dfca5
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
ba1b837ec05ba3020e0162a3a6f8b7c2761f4fb00b083f15b24a8c2b26d8d486
ba831bae8033d6f477c431e945b399a3c11d6b13da160fe81d0aa67530889c1f
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bca2ddde06415cc02b37a7ed1844370dc9c1f9846b98b093bf3ec65094651cd3
bd42904f348d43d7c0c81ca57dc95aa94f644498c4f553c66d4a6774b05e3cb5
be4d1ef2273f2926eb6b68c83354d78367d45038b551a4ef69c92cea2fad16bc
bf89bd783d6b836aeaaa801080e2fc096e835f3a9bcfe17af07cfe76546a4a09
c0b07404833da90a0b086ad69e7adc6d4d2b2d6298b57d2baa43dd9c94055f28
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5
c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2d152ff81d1629309cc5818b166b8727b17dfa973c3ab304d296166dbeda817
c48b1ff73db9191e083a11b99c66fac0e506e01081b0358f81a98a26facd8c45
c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62
c5c3526917e554524ba76f85f768fb11ef858a9f4316b787496812580d4886c9
c5da40f0910849e4b559b2e56fdf8ca275f4166a8d07f305eb2e4a2789eaba8f
c697f8b1f82783e81c52b3c29d4b99d4d0f2c041a7671f7a44b2451d260e9999
c730f32afff69123950c13fedf8211849ad76aff409870071fe0b407f39ce79f
c73d6eee425442ce00ca80b2b5bd22b41b44a274432e464fbd99ef57341a19e6
c7820e413e62717ba5ace6c8a5cb16e1ad5afc719ddf5faacb1838d636822ccd
c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b
c813a18b8cde71a8ca189a487367ae2f00893096d9c246204d0089db4b039e4a
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9cacd70ab308f607d941cc9728d034e189506e8d020820adb112d7ff148762a
ca4c3ad9639830e6f8f8e29775549fc24fcab33b4eeec7ae77da27c5c9e6bc80
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ca6f07ec1368dbc869318144688deac0eca76f09553a468c942c2d9a227ca4f5
ca730f149b7308e02af38b71c23a22868905e4f7a66dc4eeaad9e3b7c8f589ea
ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954
cb9ab788552ddfdb7e7c60a6585515bbd307e452183b311ecfae1b7ba66824e6
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884
cd3bec578049163e4cd3e91e52d55040e999465b011fde978ca10b689317ac4c
cd763592b7a2bd3d9e1cb34f53edb1d5c3e6a820dfe5a96ece069bec1e41010f
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb8eae40717fbf03b8ef7c9776158341a18dd29178628db8feb4e19277e3e21
d06c733ba42b81cd66c7fcaabc75b51c59292cdbccdcfb6a88bf2b57d262047b
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d10d13439e9b8fbb9782ee37cca7b50e04c8cdee301e1549c18bda85da3b0b77
d1c87d61697d144d62a45e704e89fff10ac0a6c448a0982f05b8a105e3968333
d1cbe1a53c29fbcc25e32b5427b16f9649269b15465382f9af3587394e594849
d1fac847db1d7eb55be35c93e3e6cd8b056bab3ce18d858dcd21d6686cd902bb
d233ae3f0c2b48dc6f71e32ad7e23ba5e1d64b59af7e8d5592375d14887f3e97
d2597376ff0aa821df542df988e9f0b0bdc84b358855ecda37c80aaf34db2adf
d2b8eb4b25026dc28297e5e4bee3e730ef23b32543bf1ab99065a01864d141de
d3cffbe32249c8aae52dbfaa3d5c3edbf86e42e73bdb48538a9170cedc3c6af7
d47902916fe30415fa8729f980052b6051eb690f5dbd961ab4bf237336bdd5b3
d51b5ca6ac911eaf609785c23cbf8db3111386132555995d7edac30ee28ed774
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17
d6c3e0f4f8533e47221612354bde6bc71605720a6bcc5f2a10a53bf4665f1930
d9d9e42433a607aeb8a6aeabd9d1194c81c1d1ee641fdb72653e8ec42a16f577
db789cc3550446a25bbbc6edef34a6d737e9db7704c00c42c5827b07f98dcc6d
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
dca2dc88a2515ffb2f30233d21ed04de2c4356b198c1a52d02dbaf333f152c27
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0dcc44d0d45a79942a50f0a78ee69e380cbcd8d6c02316c2af886dc634c8997
e0fe83d875faf394978cd04227fb30838db2f4a9bd67e6862e6845c6eee1a09e
e11e426fe789060d189826c85f8cf007cc95ff4b73348723e16c90ab9797b28a
e1b5a7cc494f490beb0d17f0aef199fc399f6853d7a35f28c39ae15a583cce6c
e2bb6c97b20292d41f84bc1599d3f8d1bc52df2511661edbb862cee7535e3a0f
e2cc5cc991726477320685714be247b3440cbc402761a98e80db436f1a759a09
e2d000d8f2a825432b6b20b09c894946c5ef626366b546db9c0397ad7da75089
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e05b04e7bd1147f1f2913f7ea7c9278f19b6540e54f6085a474047df1c19f3
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
e880270c612e1660acce59b0cc54b0b3a9cdc5ac2772002a38fd13025ec30785
e8cf1c9501e19b3bba8821897a532cdfb7dbb3254290cfe215308388c08f7702
ea51f498a2e11e522503ca4033674ae7233a3d2a5e5fe9c07491f5fbe5883ac7
eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ec3ae32aa8896c5c1df88bc8342fe3a58d6e83bc02cb8511126dc6d314b8c8be
ec845791aeb058de2649747b2d5fe37fe2e5aff507b67cc62266b4852f933032
ee5b69862ff709e871144188e68437b26b84c8a2e27c65d73a42bc1c893bcc9f
eece101072f56e4f8310173b57df0fe30a4a022ebdd7ed2842a5440ddd041d61
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a
efcc5e85d4a853e6b9edce22e73c75c33c2a459810dcdf82988fc51eee1cf9a9
eff1143779f056e4bb4193933d2145a8f54fe7d9788407253a0c0eb70fffd110
f0d90e81a2ff97160fb785b159680eea315316d332fc2e3b135addfb758693f0
f0fee645e08a99ac0131365b2d3a7ea0384a6b916bf032d0136468e0d9d1a2f8
f3624b2e2adf3efa4e37fefeb6dd825564ead1acd29077a34f15ef5cce28d57a
f3ace36da1509f415d42f3fa17afd85eb755f8082546e029d4ab493b5f1cd5bf
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f46ecd8fc6cce0501cc56281db3bd8f38ec384bb025ee0acd6ddc44103db9878
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6772ebadab521c4f3abbb5c9741024a00ad6682892b9e8e125844e85ee9507a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7acc35ce7955cf7db9b0835385e506333b8c7678e106d44d71e0a18d2e55424
f7d21ca9da27fae5aa39640a9982cd2d897be961f98bf7c352c7845313c262c0
fb916d5dc89b0b14ce223fc59fb3cd122bc3cd97405689e3805acbdb12f3ef7c
fc59ef41c60b7f255d5561bee48e359de898fbd49c52bef0b43736d9b862f002
fc8d093da8f258b6b78f78590a24cbed9a81ef5981beb9874ff26971cd332bd4
fcc44d3c728207cad27ff18bd94adec286d757eec477f0512d5c34b5a41efd66
fcf9b4aeaed63c90b87405f2e74b08c3317077d24f2c8999a865d3d6323aa7a6
fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f
febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48