www.paranaturismo.com.br Open in urlscan Pro
216.172.172.182 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lunardelli.com.br/
Effective URL:
https://www.paranaturismo.com.br/lunardelli/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On December 25 via api (December 25th 2023, 10:20:49 pm UTC) from DE — Scanned from DE

Summary HTTP 286 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 43 IPs in 10 countries across 52 domains to perform 286 HTTP transactions. The main IP is 216.172.172.182, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is www.paranaturismo.com.br.
TLS certificate: Issued by R3 on November 16th 2023. Valid for: 3 months.

This is the only time www.paranaturismo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	216.172.172.184 216.172.172.184	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
1 29	216.172.172.182 216.172.172.182	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
20	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1 4	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
10	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
80	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3 3	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
6 35	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3 3	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
3 6	2.19.245.101 2.19.245.101	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3.122.189.67 3.122.189.67	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:a06f:dd4:a27d:1cd9	16509 (AMAZON-02) (AMAZON-02)
3 3	213.155.156.184 213.155.156.184	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
6	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 6	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
1	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
2 2	3.120.47.246 3.120.47.246	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
6	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
4 8	104.96.147.178 104.96.147.178	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6813:afbe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.41.26.165 13.41.26.165	16509 (AMAZON-02) (AMAZON-02)
8 8	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
1	87.118.116.9 87.118.116.9	31103 (KEYWEB-AS) (KEYWEB-AS)
6 6	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
3	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1	2a02:cb40:200... 2a02:cb40:200::242	20546 (SOPRADO-ANY) (SOPRADO-ANY)
1	37.208.110.235 37.208.110.235	58010 (UVENSYS) (UVENSYS)
2	18.66.147.41 18.66.147.41	16509 (AMAZON-02) (AMAZON-02)
2	52.84.45.100 52.84.45.100	16509 (AMAZON-02) (AMAZON-02)
2 2	3.121.34.204 3.121.34.204	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:440... 2606:4700:4400::6812:20ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	147.135.143.66 147.135.143.66	16276 (OVH) (OVH)
2	52.58.49.138 52.58.49.138	16509 (AMAZON-02) (AMAZON-02)
1	54.37.204.178 54.37.204.178	16276 (OVH) (OVH)
4	35.177.175.102 35.177.175.102	16509 (AMAZON-02) (AMAZON-02)
286	43

1 216.172.172.184 (United States) 1 redirects

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: srv150-ip05.prodns.com.br

lunardelli.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 216.172.172.182 (United States) 1 redirects

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: srv150-ip03.prodns.com.br

www.paranaturismo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.morretes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

80 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.194.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 142.250.185.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.204.74.118 (Groningen, Netherlands) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.114.159.93 (Loerrach, Germany) 3 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.246.169.24 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.5.84 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.19.245.101 (Düsseldorf, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-245-101.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.122.189.67 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-189-67.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:a06f:dd4:a27d:1cd9 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.184 (Sweden) 3 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:678:cb4:bbbb::11 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.47.246 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-47-246.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.96.147.178 (Vienna, Austria) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-147-178.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:afbe (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.41.26.165 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-26-165.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.16.134 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.118.116.9 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: km36617.keymachine.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 84.200.5.215 (Germany) 6 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.233.13.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:cb40:200::242 (Germany)

ASN20546 (SOPRADO-ANY, DE)

t.adcell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.208.110.235 (Germany)

ASN58010 (UVENSYS, DE)
PTR: web01.g-direct.de

www.guenther.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-41.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.84.45.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-100.mrs52.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.34.204 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-34-204.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:20ce (United States)

ASN13335 (CLOUDFLARENET, US)

pvx.freenet-mobilfunk.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.143.66 (Montpellier, France)

ASN16276 (OVH, FR)

netzwerk.uppr.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.49.138 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-49-138.eu-central-1.compute.amazonaws.com

www.eprimo.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.37.204.178 (France)

ASN16276 (OVH, FR)
PTR: 178.ip-54-37-204.eu

ht.uppr.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.177.175.102 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-175-102.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 25796 ad4m.at — Cisco Umbrella Rank: 11359 assets.ad4m.at — Cisco Umbrella Rank: 35458	805 KB
58	doubleclick.net 14 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139	115 KB
35	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	402 KB
28	paranaturismo.com.br 1 redirects www.paranaturismo.com.br	289 KB
12	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 192580 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 145563	5 KB
10	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 953 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 445	176 KB
8	awin1.com 4 redirects www.awin1.com — Cisco Umbrella Rank: 13930	5 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2	1016 B
6	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 24395 api.webgains.io — Cisco Umbrella Rank: 59842	38 KB
6	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	3 KB
6	teads.tv 3 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	1 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	386 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	410 KB
5	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 587 www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	39 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 560	3 KB
4	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 98	15 KB
3	lead-alliance.net 3 redirects www.lead-alliance.net — Cisco Umbrella Rank: 89094	1 KB
3	telefonica-partner.de 3 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 88416	771 B
3	webgains.com track.webgains.com — Cisco Umbrella Rank: 49821	4 KB
3	de17a.com 3 redirects d5p.de17a.com — Cisco Umbrella Rank: 4497	925 B
3	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	436 B
3	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	310 B
3	adition.com 3 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	2 KB
3	simpli.fi 3 redirects um.simpli.fi — Cisco Umbrella Rank: 780	2 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	1 KB
2	eprimo.de www.eprimo.de — Cisco Umbrella Rank: 213146	3 KB
2	uppr.de netzwerk.uppr.de — Cisco Umbrella Rank: 201430 ht.uppr.de — Cisco Umbrella Rank: 143474	6 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 818	2 KB
2	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 61264	30 KB
2	o2online.de partner.o2online.de — Cisco Umbrella Rank: 104746	3 KB
2	agkn.com 2 redirects d.agkn.com — Cisco Umbrella Rank: 686	1 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 749	794 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1 KB
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	725 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1786	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	89 KB
1	freenet-mobilfunk.de pvx.freenet-mobilfunk.de — Cisco Umbrella Rank: 305483	1 KB
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1618	172 B
1	guenther.de www.guenther.de — Cisco Umbrella Rank: 988896	481 B
1	adcell.com t.adcell.com — Cisco Umbrella Rank: 58357	459 B
1	blau.de partner.blau.de — Cisco Umbrella Rank: 135343	1 KB
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 97477	549 B
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 83743	494 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 711	98 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 681	187 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5555	553 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 49153	610 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 714	387 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	715 B
1	google.de www.google.de — Cisco Umbrella Rank: 6765	455 B
1	morretes.com www.morretes.com	8 KB
1	lunardelli.com.br 1 redirects lunardelli.com.br	263 B
286	52

	Domain	Requested by
35	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net www.paranaturismo.com.br
32	assets.ad4m.at	as.ad4m.at
28	www.paranaturismo.com.br	1 redirects www.paranaturismo.com.br
24	ad4m.at	as.ad4m.at ad4m.at
24	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at www.paranaturismo.com.br
20	pagead2.googlesyndication.com	www.paranaturismo.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
15	tpc.googlesyndication.com	googleads.g.doubleclick.net www.paranaturismo.com.br pagead2.googlesyndication.com tpc.googlesyndication.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googletagmanager.com googleads.g.doubleclick.net www.paranaturismo.com.br
8	ad.doubleclick.net	8 redirects
8	www.awin1.com	4 redirects as.ad4m.at
8	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
7	www.google.com	www.paranaturismo.com.br googleads.g.doubleclick.net tpc.googlesyndication.com
6	prod-rtb.ad4mat.net	googleads.g.doubleclick.net www.paranaturismo.com.br
6	static-de.ad4mat.net	as.ad4m.at
6	sync.teads.tv	3 redirects googleads.g.doubleclick.net www.paranaturismo.com.br
6	www.googletagservices.com	googleads.g.doubleclick.net www.paranaturismo.com.br
6	www.googletagmanager.com	www.paranaturismo.com.br www.googletagmanager.com
4	api.webgains.io	analytics.webgains.io
4	c1.adform.net	4 redirects
4	www.facebook.com	1 redirects www.paranaturismo.com.br connect.facebook.net
3	www.lead-alliance.net	3 redirects
3	www.telefonica-partner.de	3 redirects
3	track.webgains.com	as.ad4m.at
3	r.turn.com	www.paranaturismo.com.br
3	ad.turn.com	3 redirects
3	d5p.de17a.com	3 redirects
3	x.bidswitch.net	googleads.g.doubleclick.net
3	dclk-match.dotomi.com	googleads.g.doubleclick.net
3	dsp.adfarm1.adition.com	3 redirects
3	um.simpli.fi	3 redirects
3	sync-tm.everesttech.net	3 redirects
2	www.eprimo.de	netzwerk.uppr.de www.eprimo.de
2	pm.w55c.net	2 redirects
2	cdn.track.production.webgains.team	as.ad4m.at track.webgains.com
2	analytics.webgains.io	track.webgains.com
2	partner.o2online.de	as.ad4m.at
2	d.agkn.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	dis.criteo.com	googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	scontent.xx.fbcdn.net	www.facebook.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.paranaturismo.com.br connect.facebook.net
2	ssl.google-analytics.com	www.paranaturismo.com.br
1	ht.uppr.de	as.ad4m.at
1	netzwerk.uppr.de	as.ad4m.at
1	pvx.freenet-mobilfunk.de	as.ad4m.at
1	tr.blismedia.com	googleads.g.doubleclick.net
1	www.guenther.de	as.ad4m.at
1	t.adcell.com	as.ad4m.at
1	partner.blau.de	as.ad4m.at
1	banner.congstar.de	as.ad4m.at
1	www.conrad.de	as.ad4m.at
1	id.rlcdn.com	googleads.g.doubleclick.net
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	onetag-sys.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	www.google.de	www.paranaturismo.com.br
1	region1.google-analytics.com	www.googletagmanager.com
1	www.morretes.com	www.paranaturismo.com.br
1	lunardelli.com.br	1 redirects
286	65

This site contains links to these domains. Also see Links.

Domain
www.ipardes.gov.br
www.ibge.gov.br
www.facebook.com
www.007web.com.br
www.alcad.com.br
www.matinhos.com
www.morretes.com

Subject Issuer	Validity	Valid
*.paranaturismo.com.br R3	`2023-11-16` - `2024-02-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
morretes.com R3	`2023-12-12` - `2024-03-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-04` - `2024-01-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
ad4mat.net GTS CA 1P5	`2023-11-18` - `2024-02-16`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-11-21` - `2024-02-19`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
adcell.com Certum Domain Validation CA SHA2	`2023-07-28` - `2024-07-27`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
netzwerk.uppr.de R3	`2023-12-21` - `2024-03-20`	3 months	crt.sh
eprimo.de Amazon RSA 2048 M01	`2023-04-29` - `2024-05-27`	a year	crt.sh
ht.uppr.de R3	`2023-12-03` - `2024-03-02`	3 months	crt.sh

This page contains 44 frames:

Primary Page: https://www.paranaturismo.com.br/lunardelli/
Frame ID: 6743A818DF8488E42CA0DB21DAF64ED8
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 53CDA8CB06DE12714976283F6ADC93D7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com/paranaturismo&width=180&height=220&colorscheme=light&show_faces=true&border_color&stream=false&header=true
Frame ID: C50F064F666F8B55A3A65C7F98F77FF8
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&adk=1812271804&adf=3025194257&lmt=1703542843&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C236x1080_r&format=0x0&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843201&bpp=222&bdt=198&idt=411&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6547080010031&frm=20&pv=2&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=427
Frame ID: CFF09EFFE5DDF0E3BCB391F0A28B8108
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=90&slotname=1117840744&adk=1721480579&adf=767381939&pi=t.ma~as.1117840744&w=728&lmt=1703542843&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843424&bpp=2&bdt=422&idt=207&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=612&ady=42&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=210
Frame ID: 766BA18A69F748DD61FAB352F8FC5B97
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=60&slotname=7656980933&adk=2977947412&adf=295265960&pi=t.ma~as.7656980933&w=468&lmt=1703542843&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843426&bpp=3&bdt=423&idt=212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&prev_slotnames=1117840744&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=297&ady=380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=214
Frame ID: 2BAB9FB105850E47F400FE1B29342717
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=600&slotname=1019247609&adk=1564824845&adf=2530054453&pi=t.ma~as.1019247609&w=300&lmt=1703542843&format=300x600&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843438&bpp=2&bdt=436&idt=212&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=1117840744%2C7656980933&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=214
Frame ID: 2C58A80BCB715BB9292CCAAE5C19FE85
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=600&slotname=6929445609&adk=997224295&adf=2345113435&pi=t.ma~as.6929445609&w=160&lmt=1703542843&format=160x600&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843442&bpp=6&bdt=440&idt=223&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&prev_slotnames=1117840744%2C7656980933&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1143&ady=1053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=225
Frame ID: D999F4B99D356709CD72ADEAB79933E9
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hw3vrmg7y3h907x06syq4mwyfedv69f6q29wwdep3ssy6wpckwcb2exmbatkx9bxe51k5nf3v7d7xxpvewctzck76xdfv7ad59j0mc58zpdqhv0q48qpkpdawrd8mzq6saghhhc0rdj6kj33qhp8859scdbd6hv2pr4bt3mfk7n8mam213kghjxsrdt10537qn23f1q3hw6j4p3qfxq6smyq146tf8cxgwd6mkn4b8t052q3bmhnt3ngf66837er1yn7e13x4tmzv8vtt2h0dp7qbw7qyv678v7bt8tend0afbpkp2jy27st601kq3f0aq8r5ad80g6hkbdqgtzjzp047sjx4kj5pajyr4gfzhrh5n26vqtfjqkkyqfa3vdekdq3wwtjmjqt9f1adgj12wwrp6tpzmnkx65gyg32j7h41ehvq2bzqhg6dhdxkb0zvpk9q8pjr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi7XcOwCKZcX7N6jJmLAPjdea2AeQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEoAJP0NcqJtg55nB97JQdWA9hOfZx658I9BM70u2wKuatPeCCl73oqHIJb06E8gPpkN78w_jwiJCk6TbTFuxURvadFFk735Y2Wk8ry37wu_gpweFbfdBKj-lJ-tIIO4v0OTu9mPDxbvjTi2Y9xfZNZ91EzZsMWYOuzzUbVnoVIUWOzB7Kj_vTOYmYjm8iIy2SN5ZE8lZJ0ZOLnhW94Avz7-O-S4JAcrsJsnmcofKH-CkGLwNCfgt78QsqaBx7sERWmeAsR7aRqkTj87b5tuUm6WkwqB3B41GcZ0SU9dVxwxmN76BUUw1KjlemuLbvQA8hYhLg0vVocKaWOWpXA2gAdauO-Z4iKFGjfb57ZL6YKal3NH9r_i6di2F3Ur7hak8L7IqABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljCzsjQz6uDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1x-587HaxUC_6pOl6qHjyOystF2w%26client%3Dca-pub-4766656075352824%26adurl%3D
Frame ID: 250A0E3B441168304F77C572B01A6E3E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Frame ID: D1B98D54A208FCEB631C5F3CA2D657A1
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 17B1ED38D3D5FF449694966B92C1D87B
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kpdr3t7he17zy2tx283nd7kak1mkqfw4g7brwkzpzhry3vt7derkk418148cc4131fjrzzhtqg6sb9zj8rr8mq70d69mhsf2a8gvpnk1pvkq4cbp6t2ty330w6sw4p69vchqh3zjd36yexjaq3k4tf2nj0sp1n7zvcdv5na2f22jr30eeddkb4cw0ca065cmzce2jv0rh56hr575n4paa0cfpg7dkn17vz5621d3jr06xnf7bw4b1s4sbvxq4662ek7r8371ydf9txjgwxxfggkn4t5e5b4jzb3fr6trd0t572wv7q2xaymp36gpgq8mtnwgpsywe3mfx029kcerg35cmp5gd25ryc1dda7kbt98hvvkhx56pnk7kwwk5et8x5zs5xnda7gctjd3x9pj9va1t16e6m5yvh9vx7sht875g36c183jaytcqgbhsb0601312bf&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkS20OwCKZYf7N9KI1wazjJq4AZDhgYRctqjCivACwI23ARABIABglaKkgrAHggEXY2EtcHViLTQ3NjY2NTYwNzUzNTI4MjTIAQmpAhFjhk5ReLI-qAMByAMCqgSZAk_Qc9zH2_Sz2GxxBDvhfUg5fnk2Q-IAdKxkGIR8ALGhKIfbcyr29s_2Rj5og1fDlZRepQNAjTSyZsIXKEqEX6SMuSfWqrK8z3KqRKdU4xadGQYzrmVNYv_jfW7jdsIEzHc-F_ZaeYxz9TLQ5DmXtatNOkguFdMVUhWvKF-_ODpnz3JD7ZDyJh7pNmlnLJ1FvFxap384kbk6OxYdfCJCRpB_DX8Hn_6eptLoozWo3oK_pfmeI9LOvTMLiG95FcuqZQlq7KIWVfAiRHI1yQKiiDkRl8BnfHCbEtSLiIoOeGsU8oQWC8GtyNByA2XNRH8LE-26QJC2l8mNH0XMLRtXUTcttcoaEZSxKxn0eFsADUHnNXLZkSWe30J1gAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl8rI0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1952ya8fZ910P_mJoyi5pP1WtiJQ%26client%3Dca-pub-4766656075352824%26adurl%3D
Frame ID: 18E1CEAFA001034CB132720954AFDB7D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Frame ID: E23AAC5966447972A42F079F2FF6B744
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D9FD2F46B6257208BB95A8BA1F7C64A1
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hn2hhr1pspvrhxqk6054hz2e79c3hdj76rx21kpad2jh85hxc4j5cm2nmx569mjt8b4v7naag1ram21j6xkhd6e8tfcza4hp8fevf5p170a8rjq92meptebvs7zv2635w24vm5js2w2an10cpjr6xy081h66r4ycshnzvteqk23q5fazgdt6235ymz4hz7cvfvn24xd3yqpnd8wwnyf3ydx215jx0tnqnx7jqr7fekpb0sgr61ntkxakt8aze1fch69qpszr9vmf5555tbjzf9xc0d3w3ky33yjaa801gh9chxevw8fbvct8pv6j9hy00gm4n9qf4gs3t9era7cxzn82gw0b6brqeerg73v2e773awss21t6mvr6z14x0et6kr5j9ngace4md2vy4y62chwfhd3y4y9pbrcjxd0hv0f4k1ped82v5hac2sp11szw82q5tfc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjabNOwCKZaHiN4vE9u8Pr7eS4AOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmQJP0GDVPx2-HIFJ4_DO5-AZ_Usvc1Ew0hF0ShpGECcspFxlQ6y-VX-86iEBa9ifQJ_bCcqFSwqY10bA9bzv_qgSUmSUZVwo1e1eA8kOzu1IgssZ_t5HtJYmmpZW8ZHNsXW4xWWv1o1bKb96jH-zNs0Z0H98ldBKn2DViwdPEeeZcOh8UFKp-aninbmIQ8EbRhsDrZ2mbnftNvWDgjFtvTDtRZsP9z4X2xtHhsQrdzUVX7F7MEUBck3jRbAy7fq5rthigWu4cvjq4OCg6YbiKcu6N6G7Ib8DgzwjAky94ehuO6FV2z8dKrK2to9PQAh95leMaVZhJAlukTxUh1BJ6Eo5UQUXE-6bP7FbaheVhlmgPxlxi8X0aeibnYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPvFyNDPq4MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Sv86g3e0VJzP1tbgCWTF9HmFMcg%26client%3Dca-pub-4766656075352824%26adurl%3D
Frame ID: 0818E4787B7CD8FE9E32FF5412B265AA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 046221AE9B93C8515492BA2DEC546163
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g3548v11szq27s4e8antfrek2765b002nvdt0v52xgcm7cp32dky51xbts1ay6hmc0hjekr5e8xrzsdb4vsrkqcwrmg0cz9fj7z2d2rf1wrn9wyv6hjhp6q727mrkkwew3tqfyn8ss2geqch6wctstrz2k18d3yrmmgdp4x4zzh1h78762y9w0b8rnma7379nwayw6x5whv2pg5r933zwtejsnrsj4vqbfba8487pthqvfgj79h65rndf2rfxcy13w9pp9c71x4x6zpkxvnhth12esep9b43786z5r59mwqhbte67gx7p5yqedf2t5vdx79yscc2qkjek0qf2j2f2b2795nnx9hbe5sdjngrrw74cm4ft5j5fmrpa83h6hny977crcsf9008nzktjqwn8739pyps3ye9q96sd4j8cbc052dvsntg43skrhm8zw4dr686jgr28&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGp0UOwCKZb-3OJyTmLAPkJa0wAOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0JuNx3sOuOU3Tz258PPZQ--bzVpbxonUTlMnbypF_XTZygKfOxLfZYuzG74SZSM3kz_DdSfJFIWoF8AMxb0BQyITDZ0nxnxwIdzMZBlslCKrQNtzmfbaTCcyku8zDG38Xw1mGMSOEjOJtqsXT-bysHncurfEEF8UMR3cqzlruX-Qk3VNtMcpgZC0DmeiUS5a9mpbMj-smGfIBB4zrB7nGqwZJEaioDRnVVCKaLZoNrHOoCHmi0ugClMeKqH3ZlbEjQ_ly5DEKc1PbhtFenRO76RBV3PxF2CbDpRcxpA9AD75fsXqE0-r4gPlawJ1wqPcw6c8_zgTctga1hZYoF9FJV1tX6bzoF6sWP9yXa3nUHpq8XhcuwE0IDeABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYpYbJ0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1I93El2lPjZx4jNcyAVHzTNSYykg%26client%3Dca-pub-4766656075352824%26adurl%3D
Frame ID: 5CC66F70454D4183F3CB459D5D7B088D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Frame ID: A17CCE6671B58BCC51E2379B6F57342B
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F235778281A2247434E5A8F44CFED0B5
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 431D6859B3BEE69879DA13DC092B109A
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 26A90623E48D382754E384278AF5F22F
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: E4B86FCAFE540EBDDCC320977235B332
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 94EC13C29C1839F03AD660A45EC575B6
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=e2eaa6b7231780b2f2b3870f08acc77d%2F5666372123874972876&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844431&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy40w9tx9095cmnndrcgdeqngkpp0nj7pd3mpdkem9h83t4wjw9rrpbntcscr9zwzec4gqbj2j6zp3hhcmq7kt312y5zjy62re14410nbs5ctf1ygz81gd0vnjx340v643y3vdm6tjftgp02j9vyg1jxevpagq6qjk93qj4ep7hjrw84bw29vbb5sh76g87gstzwkcbtbvf7dba3kkex7ktew25va7w76t3xp1nkfskxqb9wyr4xqknjtnt9qq5kz5f8cf3v9tvs1t0qht17wms%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkS20OwCKZYf7N9KI1wazjJq4AZDhgYRctqjCivACwI23ARABIABglaKkgrAHggEXY2EtcHViLTQ3NjY2NTYwNzUzNTI4MjTIAQmpAhFjhk5ReLI-qAMByAMCqgSZAk_Qc9zH2_Sz2GxxBDvhfUg5fnk2Q-IAdKxkGIR8ALGhKIfbcyr29s_2Rj5og1fDlZRepQNAjTSyZsIXKEqEX6SMuSfWqrK8z3KqRKdU4xadGQYzrmVNYv_jfW7jdsIEzHc-F_ZaeYxz9TLQ5DmXtatNOkguFdMVUhWvKF-_ODpnz3JD7ZDyJh7pNmlnLJ1FvFxap384kbk6OxYdfCJCRpB_DX8Hn_6eptLoozWo3oK_pfmeI9LOvTMLiG95FcuqZQlq7KIWVfAiRHI1yQKiiDkRl8BnfHCbEtSLiIoOeGsU8oQWC8GtyNByA2XNRH8LE-26QJC2l8mNH0XMLRtXUTcttcoaEZSxKxn0eFsADUHnNXLZkSWe30J1gAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl8rI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1952ya8fZ910P_mJoyi5pP1WtiJQ%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Frame ID: DD0AC36BFDF34FF31EF863E6D35873E3
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=120&d=600&e=&g=06b647365d674e1bad81df141eec0978%2F15389399129828522219&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844432&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7qapmvpbe50gecgw9cnb5ddk2jqdvf6767g4x2ejzehwf7akq433kepytwd2an91dyrkb6pyk2qbyf2qdw8a3s15d2y7f5z74s3jfyzcmnzm2q9ydg32mn5bhpwj77vmhs824as3gcfd8tpdc5gskn3xhdbdfcxpj1h30ykhgf95j8p8a9tr0j1vf48mmvnw0tx7k3etza9a1gn31gjhtdhetdfjnsq14f5yzs4ec6z3fqryjaxsk40axk7hn9ycbjmarw4j4xxg9m440t7b97%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCi7XcOwCKZcX7N6jJmLAPjdea2AeQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEoAJP0NcqJtg55nB97JQdWA9hOfZx658I9BM70u2wKuatPeCCl73oqHIJb06E8gPpkN78w_jwiJCk6TbTFuxURvadFFk735Y2Wk8ry37wu_gpweFbfdBKj-lJ-tIIO4v0OTu9mPDxbvjTi2Y9xfZNZ91EzZsMWYOuzzUbVnoVIUWOzB7Kj_vTOYmYjm8iIy2SN5ZE8lZJ0ZOLnhW94Avz7-O-S4JAcrsJsnmcofKH-CkGLwNCfgt78QsqaBx7sERWmeAsR7aRqkTj87b5tuUm6WkwqB3B41GcZ0SU9dVxwxmN76BUUw1KjlemuLbvQA8hYhLg0vVocKaWOWpXA2gAdauO-Z4iKFGjfb57ZL6YKal3NH9r_i6di2F3Ur7hak8L7IqABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljCzsjQz6uDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1x-587HaxUC_6pOl6qHjyOystF2w%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Frame ID: ED519CA9D87E3D5F7FDCFB2146AB02B4
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C23576&b=GjMSBfpfXwx9UKHeHGtPt31dHZSYTJ78sQVeB%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj%2CdE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=Vx4HwfmfDjJEfVHbHAtXC8j4cBSzTgbrUDJdX%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz%2CK1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=728&d=90&e=&g=ad23e113f62ea3fa4eb767672c96042c%2F4565384704278724705&i=25174%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844486&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9k4gy9s8say8kxpkefqswk01wasxs1e549r8zd3v4ejnv013h2aaqdfagxspemjsjhcmwp0cm690nha7cv0gpa7cdyh9k69309sc5shw6axrj1fvzxj1twfczfmbdapeb82ms4gt0r3bvdx2e1ygsa6t0wwv1xnhj5qfcg3tcfdm1mbs8abq5nc1s2bnh9hcmms8wp3kax8mz5t3enqbffjgkw3jp44gbkd64qsj2bzgcx7a812ncgb1njj5cvbffv2kx9m1dfczz31v8m1vmr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjabNOwCKZaHiN4vE9u8Pr7eS4AOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmQJP0GDVPx2-HIFJ4_DO5-AZ_Usvc1Ew0hF0ShpGECcspFxlQ6y-VX-86iEBa9ifQJ_bCcqFSwqY10bA9bzv_qgSUmSUZVwo1e1eA8kOzu1IgssZ_t5HtJYmmpZW8ZHNsXW4xWWv1o1bKb96jH-zNs0Z0H98ldBKn2DViwdPEeeZcOh8UFKp-aninbmIQ8EbRhsDrZ2mbnftNvWDgjFtvTDtRZsP9z4X2xtHhsQrdzUVX7F7MEUBck3jRbAy7fq5rthigWu4cvjq4OCg6YbiKcu6N6G7Ib8DgzwjAky94ehuO6FV2z8dKrK2to9PQAh95leMaVZhJAlukTxUh1BJ6Eo5UQUXE-6bP7FbaheVhlmgPxlxi8X0aeibnYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPvFyNDPq4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Sv86g3e0VJzP1tbgCWTF9HmFMcg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Frame ID: 974152C10CC45DA499EDEE3E5EA6F9E6
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197100%2C765%2C199445&b=ADYaYfqf2VJXsAHRH4tktMMGsRS4TRrAH3JMm%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfGzwYCkHwH3tQt4dYF9SzTYMAhB3zZ&f=MxGHzfrfjepBCWHEHGtQC661tBS4Txr1CE2g7%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfP65ZHxH5HYt9C6ZmH6S4TGD4HEzJ5&c=160&d=600&e=&g=2740e1c93a0954c841ded5be661aa4a0%2F6236052650347061060&i=20773%2C1676%2C30890&j=14%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844509&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jky0g48whp12nezg6retbkm88jjfak3vhh4fynt25gg20tn5n8xtfrwegza89yhkcbws6ggxws3tzzym2a8qj28gs9y838gj21tc70znkhfhdg9kg9bbstkgxgwrrfsx3kfh820p4pdtrmhy07p9c4n9ww8mm7vf2e44w754cghhrr08cmdjw9k8wgfwmda2pmfvx6d48cqy91zxtvr44cphyad1py95hvy8vk9132ctcd89qrxyajpasdn64dh1dp5gj9mh2rj60e4xj1d6qhm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGp0UOwCKZb-3OJyTmLAPkJa0wAOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0JuNx3sOuOU3Tz258PPZQ--bzVpbxonUTlMnbypF_XTZygKfOxLfZYuzG74SZSM3kz_DdSfJFIWoF8AMxb0BQyITDZ0nxnxwIdzMZBlslCKrQNtzmfbaTCcyku8zDG38Xw1mGMSOEjOJtqsXT-bysHncurfEEF8UMR3cqzlruX-Qk3VNtMcpgZC0DmeiUS5a9mpbMj-smGfIBB4zrB7nGqwZJEaioDRnVVCKaLZoNrHOoCHmi0ugClMeKqH3ZlbEjQ_ly5DEKc1PbhtFenRO76RBV3PxF2CbDpRcxpA9AD75fsXqE0-r4gPlawJ1wqPcw6c8_zgTctga1hZYoF9FJV1tX6bzoF6sWP9yXa3nUHpq8XhcuwE0IDeABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYpYbJ0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1I93El2lPjZx4jNcyAVHzTNSYykg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Frame ID: BD8A575D74604FDBBDC991F2D6F6B3F3
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 998845EA2864363C3D6DBC006B68A4E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8B150205A15B814E4B992C3E18ED92C1
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gwcr6yx0q1xerbgnsyp1twbe0kjg5p7519jnx12j06frmmkhcm27ewy854xnqp4x3eaykhzgggcnyja02wxtp0gcdedh1w836cpe6pqx3x5q72wqd15fthksz5ks383na938x6wz03bbm6mvr956vtjgcp24rd461q9rf721d8kkp1a6xr5622b0ws32qw5a2x7kpeaadz91s043ae3c373xj1ypgw90cyfnnp67496z5nk3r8ske5d1c8bhhqd17fjgdty98mdkn09hn0k783ka28414n9rwf8d30w5t07em4c8x3gm1x2sk8vdmj9x6s970pbazrqa5qqm5nx6tsta9sfrzpnt2dh9rq13kh99hk8g3m33sjtx9wxc7pban2gkdkbs5mwxvvm94wscj196dm0e7awwezh9c73g9vk9q9jjvd8sz4hp2fmcj22cdr3k0e9wg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJfYPOwCKZZahOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0PeFROxOycK6Lmg_9VNKzI37mkkFnPw5tkewQEqCTQB5-yOt_KniiqJUPQZQKHNkCw_xiMre7MYeDTVgTviyGvfhGj0GqeAWCJ5PhftflEDoaxIo4sK6wmUXsJb-HXxXSQw-ozGRHi-iE4MGgWg4BdZLsdAXvahCSA_EnUAL-LROdBSrU5pmNuev0Bq1NvnAtFTXX9Z1OirN_I_aNmAxYlmATtCXluw_SwLBr0_tfSnjyWxl5iZ5p-UU-7Cmtdw-NgaXHfjFtBk3PPPCQuQ6JSC6yx0DvIWfsbVUDqkmK0aWf7dYmTRZIwXZV3KE3DOABSdgB042HvDdqn6ZYobLvKCLcC6feZEf3FOlAvYnFNisvBc7670RbY2ABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3O8J_IwTbI3GueqlCiVCuHUfW8aQ%26client%3Dca-pub-4766656075352824%26adurl%3D
Frame ID: 9B1965C832C6DCDEF99211D5336F2849
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Frame ID: 487F7B63A6F9280A83DF678725A70F9B
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 740B5F1F59B09D40EDF19989DEED3DC1
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g4r0eb7vebnwvddsfz11p6mdym2wfnyw5pvwd6wb2x8jj18d66edn134k5ay006gcsx2yvnzwt8y3p6g2c0aw98p3h9aw17hqz30k9q5nt995ds8aj0xqvwbnx4s34bqvgwxgkc1tym2fag57yjczsbys4cqwsen63pfm2dn85bwp623exgm2rt6em2dpz1rj4j0633ntdckbvpsf4zqsje66bthsvbtrfa3gd7m4aqhx3ptwem71e1tv3a1ntgsx1t6jv8b22eh2853rmvd6ycqcstcp89wytmc34jbdm8h6c47bwc464fnxjc4fprfhyhcfnpg7tqnj0krsj4qpg3zd55z57dhnpwsv7gva181z6s9j49ds430546srdc1c4cesezkhv9ff2ahqbw0x5serrqagr5403gjsvt2zsk80s1hxtk2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiU42OwCKZZehOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0FvycjXe_1kHWtTjnYzqJVCrL7kx4yJ1nz6rFPReUkBkYz2zeBkzLjJsWJZ5Alcq3gOhWHpRFnpBnjLbSUI_n6puaG8zbdqUwFdx6u5okiXjrpFKatyooi9ZzEBaPEYmBgxw8dAvoWl2uqmNPfDyXbswgNfDNe_qZOWW9jJbzDoNY7-FHLNAGjz3E2Zp9zB3b0u4GvxGZFQnuonsUdnL5cCs1oWGnKFuljvPUkUFSPD-qZKriQEcsJzTCOzTSutUGMadUJNSmM1qNC8N4TopYV4abgAc-u7QmqGj_R_DzkWQtg_TTLMBEbuTLJ8qAdjGxd5W7WV-kQ-Q9-8fh4tEgum0fr9r0GG5xQWrJvLy5Y80gHa4DklJhlSABujT1d-Jy93T1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_15sxHpokwjHNY7Qy8d3lcCdRcVUA%26client%3Dca-pub-4766656075352824%26adurl%3D
Frame ID: 71C564201EFFEE46E3AA144070ED7BD8
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Frame ID: 6C9B0877ED7B24D92753EDAE96025B2A
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C5DA835D18AF4BFE3B185CDE3C8A008A
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: BC0E98C031AF449095C595C194A6E149
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: B69166048D496C7A1A04FEBC475CF66E
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=29002%2C12798%2C685&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2C13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2CwAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM&c=160&d=600&e=&g=ad49ec425c77567d218294f6c6deb45b%2F12333126316468682968&i=25052%2C20363%2C17908&j=16%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpy3qjbwa1c9saak788yr6zxv5htqmja5m60wdjwpb35karbkm59dsj3g5q8vm596xxhr59zbyt937basgbwrvb3fgrvgnmxe0s6p4b6rasn7hxcng76q97pyqezbvdasas5kck4xjjjzt70jg74441d3yzwnpkrjxdvr115wbwry9brcwya94mctjyzspreq27tpp02vw4hpzrb54395v9ce5ekm8zm44yghpjaxg7r5rb5ph5g7fp1mkep4jtwkk5ed3ckncd54nasn2xx8vk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJfYPOwCKZZahOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0PeFROxOycK6Lmg_9VNKzI37mkkFnPw5tkewQEqCTQB5-yOt_KniiqJUPQZQKHNkCw_xiMre7MYeDTVgTviyGvfhGj0GqeAWCJ5PhftflEDoaxIo4sK6wmUXsJb-HXxXSQw-ozGRHi-iE4MGgWg4BdZLsdAXvahCSA_EnUAL-LROdBSrU5pmNuev0Bq1NvnAtFTXX9Z1OirN_I_aNmAxYlmATtCXluw_SwLBr0_tfSnjyWxl5iZ5p-UU-7Cmtdw-NgaXHfjFtBk3PPPCQuQ6JSC6yx0DvIWfsbVUDqkmK0aWf7dYmTRZIwXZV3KE3DOABSdgB042HvDdqn6ZYobLvKCLcC6feZEf3FOlAvYnFNisvBc7670RbY2ABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3O8J_IwTbI3GueqlCiVCuHUfW8aQ%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Frame ID: 0B2FEAF2AC443280249781C2274AE1C9
Requests: 12 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=fd6a778f4513854fe340d159e26cabb6%2F3458388430406827594&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1703542844976&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhd3rxctb8rajr4zmw4ag16y2eymeyqhvgyhcc2jtnhpnc216901vyvh4sr3wrdjmr89s9bj2024nbk7jtfeemt1bz2k5t9y3mbnq25zczf42gv10c6ef6709mraby08hbkst6hyec3eemmnpnt8bkv14cgfkaxm4dw7z450j1pqh72bg1verg3pw87nzt3a808vjs76sfmeq44497vacyrg5ytn3qcx2csbgve847264hbvqb8nc0zyvzkvnz70n59cmrj8xc019k2angg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiU42OwCKZZehOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0FvycjXe_1kHWtTjnYzqJVCrL7kx4yJ1nz6rFPReUkBkYz2zeBkzLjJsWJZ5Alcq3gOhWHpRFnpBnjLbSUI_n6puaG8zbdqUwFdx6u5okiXjrpFKatyooi9ZzEBaPEYmBgxw8dAvoWl2uqmNPfDyXbswgNfDNe_qZOWW9jJbzDoNY7-FHLNAGjz3E2Zp9zB3b0u4GvxGZFQnuonsUdnL5cCs1oWGnKFuljvPUkUFSPD-qZKriQEcsJzTCOzTSutUGMadUJNSmM1qNC8N4TopYV4abgAc-u7QmqGj_R_DzkWQtg_TTLMBEbuTLJ8qAdjGxd5W7WV-kQ-Q9-8fh4tEgum0fr9r0GG5xQWrJvLy5Y80gHa4DklJhlSABujT1d-Jy93T1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15sxHpokwjHNY7Qy8d3lcCdRcVUA%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Frame ID: 463E0740270265384591655E5C0457E7
Requests: 11 HTTP requests in this frame

Frame: https://www.eprimo.de/postview?hp=8000001991&pvid=658a003db3766501af65afaf&gdpr=0&gdpr_consent=&gdpr_pd=0
Frame ID: 3C98771D7143E5761023C75D4536B6F6
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/comments.php?app_id=417184695094507&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b410b13a58d04%26domain%3Dwww.paranaturismo.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.paranaturismo.com.br%252Ff166352205174f8%26relation%3Dparent.parent&color_scheme=light&container_width=518&height=100&href=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&locale=pt_BR&numposts=5&sdk=joey&version=v2.5&width=
Frame ID: 79C41DCF70F8EF8677AAD61DC7C56DED
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D417184695094507%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df42de6531cf4b8%2526domain%253Dwww.paranaturismo.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.paranaturismo.com.br%25252Ff166352205174f8%2526relation%253Dparent.parent%26container_width%3D320%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fparanaturismo%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse%26width%3D318
Frame ID: 5DE75C34C5074E39C8E0763A567F6024
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2758C7DAA041C8A3229E5E8E9FB935F5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 80F1609BD156B16B662BFC2AEBFF2DD4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

LUNARDELLI - Paraná TurismoParaná Turismo

Page URL History Show full URLs

http://lunardelli.com.br/ HTTP 301
https://www.paranaturismo.com.br/lunardelli HTTP 301
https://www.paranaturismo.com.br/lunardelli/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

286
Requests

87 %
HTTPS

42 %
IPv6

52
Domains

65
Subdomains

43
IPs

10
Countries

2862 kB
Transfer

7848 kB
Size

71
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://www.ipardes.gov.br/index.php?pg_conteudo=1&cod_conteudo=1
Title: DADOS IPARDES

Search URL Search Domain Scan URL

URL: http://www.ibge.gov.br/cidadesat/link.php?uf=pr
Title: DADOS IBGE

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/644739836112702
Title: CLICK PARANÁ

Search URL Search Domain Scan URL

URL: https://www.007web.com.br/
Title: WEB HOSTING

Search URL Search Domain Scan URL

URL: http://www.alcad.com.br/

Search URL Search Domain Scan URL

URL: https://www.matinhos.com/?p=168

Search URL Search Domain Scan URL

URL: https://www.morretes.com/?page_id=507

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lunardelli.com.br/ HTTP 301
https://www.paranaturismo.com.br/lunardelli HTTP 301
https://www.paranaturismo.com.br/lunardelli/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDEIhUyle3uIY_DJphHnkHU&google_cver=1&google_push=AXcoOmRX5JJcoMhj4FeMVd3sQK_dyhwXknYFFsWDKKGO7c_tJ1EC1ESmQUk53lfuTylkPv-geLS_XvFKDUc0p_k_txLLhND2c5X4Z0M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDEIhUyle3uIY_DJphHnkHU&google_push=AXcoOmRX5JJcoMhj4FeMVd3sQK_dyhwXknYFFsWDKKGO7c_tJ1EC1ESmQUk53lfuTylkPv-geLS_XvFKDUc0p_k_txLLhND2c5X4Z0M

Request Chain 73

https://um.simpli.fi/gp_match?google_gid=CAESEJpq8OuPAs81ATHCS5XIGvU&google_cver=1&google_push=AXcoOmR5PNQoNd0QWnaYCWfLTjdcn_5s5rhr8Qx53nX2fo612nYVSCDZp5WoUzMP6ZEk0mevPLO9l1h2kdxrUV18RGRIdPB3wrD-YAE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01F855ECA5EA4A1297B4233D9DAB710C&google_push=AXcoOmR5PNQoNd0QWnaYCWfLTjdcn_5s5rhr8Qx53nX2fo612nYVSCDZp5WoUzMP6ZEk0mevPLO9l1h2kdxrUV18RGRIdPB3wrD-YAE

Request Chain 74

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMbFOJboEi7t9_NnrdrMNpQ&google_cver=1&google_push=AXcoOmQvxiVIkeyMG0l6pkZA5OIfF24SEcK80SloyaphXOh-mA-e40gAeJVRBivX4OLtt5Iu16JyJtH1nP79UT12FNcesXy_88hGelY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNjY2MDgwMjMxODg5MTE1MQ%3D%3D&google_push=AXcoOmQvxiVIkeyMG0l6pkZA5OIfF24SEcK80SloyaphXOh-mA-e40gAeJVRBivX4OLtt5Iu16JyJtH1nP79UT12FNcesXy_88hGelY

Request Chain 75

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmT7u2iKc20KqQL68rZ3i9xCo1iEUNSB05tRaMj4jOUYnV68GXM9TCR8Z5RTUaaocZrLpEkpagcAWLqboZd6v_ub-JDMacWu2Q&google_gid=CAESEN2jZr8g4QtYwyV402ezlSU&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmT7u2iKc20KqQL68rZ3i9xCo1iEUNSB05tRaMj4jOUYnV68GXM9TCR8Z5RTUaaocZrLpEkpagcAWLqboZd6v_ub-JDMacWu2Q&google_gid=CAESEN2jZr8g4QtYwyV402ezlSU&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMjUyMjIwNDQwMDAyOTk3NDExMzcyOQ%3D%3D&google_push=AXcoOmT7u2iKc20KqQL68rZ3i9xCo1iEUNSB05tRaMj4jOUYnV68GXM9TCR8Z5RTUaaocZrLpEkpagcAWLqboZd6v_ub-JDMacWu2Q

Request Chain 77

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDwhiWMKTyeKd67pER3h1DI&google_cver=1&google_push=AXcoOmRRdZ4G9zzvQuC-G1JxS5uEMFZKD81zNdMfRiKWOzmykgfp7uPx_1bD6VcKB1ZAebx8tlJFmQJWR5PV3drWFSOmKzc7iy1TA_8 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDwhiWMKTyeKd67pER3h1DI&google_cver=1&google_push=AXcoOmRRdZ4G9zzvQuC-G1JxS5uEMFZKD81zNdMfRiKWOzmykgfp7uPx_1bD6VcKB1ZAebx8tlJFmQJWR5PV3drWFSOmKzc7iy1TA_8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzExODExNzMwMzM0MjgzMDU2NQ&google_push=AXcoOmRRdZ4G9zzvQuC-G1JxS5uEMFZKD81zNdMfRiKWOzmykgfp7uPx_1bD6VcKB1ZAebx8tlJFmQJWR5PV3drWFSOmKzc7iy1TA_8

Request Chain 78

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOPaFFYwR0SFXl3o0GxWBUI&google_cver=1&google_push=AXcoOmSNXeLJ4rpN8Q5GBDN9OwRXDMPvd2F6FcKYlz9BfBLao2Xlodlg3RFjCVGa8jrly7NkWPepFA8ilMTa3eoS7elI4PmKJ2NifEc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSNXeLJ4rpN8Q5GBDN9OwRXDMPvd2F6FcKYlz9BfBLao2Xlodlg3RFjCVGa8jrly7NkWPepFA8ilMTa3eoS7elI4PmKJ2NifEc HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 87

https://a.tribalfusion.com/i.match?p=b6&u=CAESECwzUb3F-Y4xo26KiymTnEI&google_cver=1&google_push=AXcoOmRXNzQFIOUQu9Ab2LbxfNYgpbaNUQTCuwkBV9tyBEwFOcat4s54auX7ExsX_1-xDOQrtuxVzSqgUVr6rg91fpoJTffXnxtO&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRXNzQFIOUQu9Ab2LbxfNYgpbaNUQTCuwkBV9tyBEwFOcat4s54auX7ExsX_1-xDOQrtuxVzSqgUVr6rg91fpoJTffXnxtO%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECwzUb3F-Y4xo26KiymTnEI&google_cver=1&google_push=AXcoOmRXNzQFIOUQu9Ab2LbxfNYgpbaNUQTCuwkBV9tyBEwFOcat4s54auX7ExsX_1-xDOQrtuxVzSqgUVr6rg91fpoJTffXnxtO&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRXNzQFIOUQu9Ab2LbxfNYgpbaNUQTCuwkBV9tyBEwFOcat4s54auX7ExsX_1-xDOQrtuxVzSqgUVr6rg91fpoJTffXnxtO%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 88

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJfRSbmEsqQt79jfPNkVANg&google_cver=1&google_push=AXcoOmQTWLdRaf6e-VXqspx8-qyuzuEfXcF7Igkp3fNT1uw0D8jL3IoFVTwil92-djjxk_WY-IwNqztrLpBgVMOA6jV6nOsCStVkFA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNjY2MDgwMjMxOTY3NzU4Mw%3D%3D&google_push=AXcoOmQTWLdRaf6e-VXqspx8-qyuzuEfXcF7Igkp3fNT1uw0D8jL3IoFVTwil92-djjxk_WY-IwNqztrLpBgVMOA6jV6nOsCStVkFA

Request Chain 90

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENQwzrP3UmDf4dlMztywRoA&google_cver=1&google_push=AXcoOmSjR42XFW4pwnZv72TE3mHJ4JouNIjxEz8fuFwBmbDd4bE90ESyRkcgnlxlUeJJII9yq_Y7kx-1yKFqyZ3sJSeiweuU94Uh-w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSjR42XFW4pwnZv72TE3mHJ4JouNIjxEz8fuFwBmbDd4bE90ESyRkcgnlxlUeJJII9yq_Y7kx-1yKFqyZ3sJSeiweuU94Uh-w&google_hm=eS1jUWFtVkQxRTJwSFE0UUt4dWxSUU1qTmdtbERpTWJrZX5B

Request Chain 91

https://d5p.de17a.com/cookies/google?google_gid=CAESEEhEOCQj0kxD5-OU3g9fgq0&google_cver=1&google_push=AXcoOmTxE2O-UbS2oLTqw56SYUglzdk5qGBl6aUmxpSi2TAN9kzPZkk4V9kLVw_shUQO1Av_Vh38MF17mX7By_bCB44slwGvlZpGrQ HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEhEOCQj0kxD5-OU3g9fgq0&google_cver=1&google_push=AXcoOmTxE2O-UbS2oLTqw56SYUglzdk5qGBl6aUmxpSi2TAN9kzPZkk4V9kLVw_shUQO1Av_Vh38MF17mX7By_bCB44slwGvlZpGrQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTxE2O-UbS2oLTqw56SYUglzdk5qGBl6aUmxpSi2TAN9kzPZkk4V9kLVw_shUQO1Av_Vh38MF17mX7By_bCB44slwGvlZpGrQ

Request Chain 92

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEOu3gkDeS58RQ7c3m12tBLg&google_cver=1&google_push=AXcoOmREG23S0ToF8KFnpufdSAiuvRZRxuDKaNRXRkaNg2KyvjmRU0FmB-VKZSyRsBJjnOLoLY3rAczR6ANIMtoquNWkXeugieUrSw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmREG23S0ToF8KFnpufdSAiuvRZRxuDKaNRXRkaNg2KyvjmRU0FmB-VKZSyRsBJjnOLoLY3rAczR6ANIMtoquNWkXeugieUrSw

Request Chain 117

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEA92xqtt1QsqzaG-2JmrVxk&google_cver=1&google_push=AXcoOmTlb3niHsFEgYTD2N5C_PIpOBvpfIjRv_4CQag131q97zf-VTDnTxZMWRXrAH7A3ifTb5WuTlOlsIRqwQ7BeFD-_qlI6yQUfTbZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTEwOTIwODkyNzExNjc1MzM3Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBEM92jLhx9LsRT_OVRLGrA&google_cver=1

Request Chain 119

https://um.simpli.fi/gp_match?google_gid=CAESEI-IFE7xwwy0AZuscS-Ai4w&google_cver=1&google_push=AXcoOmRC_9A-wLWe0ukcDQRBKVPx_FWgeCn2ERWv97nbb62mVmxg284JAvBY2h3vkEkB3Y9UzQCBcGcST1s9deVzflahNKAb-Xt_cvHv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01F855ECA5EA4A1297B4233D9DAB710C&google_push=AXcoOmRC_9A-wLWe0ukcDQRBKVPx_FWgeCn2ERWv97nbb62mVmxg284JAvBY2h3vkEkB3Y9UzQCBcGcST1s9deVzflahNKAb-Xt_cvHv

Request Chain 120

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMUk16-b0JK0dFmkgDjGWl4&google_cver=1&google_push=AXcoOmRtE_PJC-dfl7IRvXt0cytsr2S31p1SWN7Fw3mJs4ze0qj4QyL1N2lr5BiwmQHZX3f_9CzuG0r61q41BjcOl9cwndwyhOu4rIeL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRtE_PJC-dfl7IRvXt0cytsr2S31p1SWN7Fw3mJs4ze0qj4QyL1N2lr5BiwmQHZX3f_9CzuG0r61q41BjcOl9cwndwyhOu4rIeL&google_hm=lSqW5uHLSfOJZByO-w6buoM

Request Chain 121

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJSfQpcePKbTsPQjZie7i9w&google_cver=1&google_push=AXcoOmTAuOJdMBO8VF0f5PX36KMk5fGCsdgYOX_knf72dbNNddbLd0muV4OACEVdthBeB2yfdwasKrVbuSB839K7iZcHfpsxFmEbjjKa HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wDmCHZkYTTg9lMsQKcnesQ&google_push=AXcoOmTAuOJdMBO8VF0f5PX36KMk5fGCsdgYOX_knf72dbNNddbLd0muV4OACEVdthBeB2yfdwasKrVbuSB839K7iZcHfpsxFmEbjjKa

Request Chain 123

https://d5p.de17a.com/cookies/google?google_gid=CAESEO5Lubl8grd7YXVlngBBixI&google_cver=1&google_push=AXcoOmSyddhNS0ydzOM2quet0NT04vatLY387BGJFmjkYukqMo8JRa8Ucsp6l_AZW8g11Zw5uiZkLRdrX0OUoObTR0rohfwQUeDU4KPB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSyddhNS0ydzOM2quet0NT04vatLY387BGJFmjkYukqMo8JRa8Ucsp6l_AZW8g11Zw5uiZkLRdrX0OUoObTR0rohfwQUeDU4KPB

Request Chain 129

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHjttGetb-wajNkBVF9k2CU&google_cver=1&google_push=AXcoOmQ2ZmW0rdFb1t4ra5xENGQ_0PF8ygjoxnrYtnh8M0gOi_wBUa3ug47v8hYKLYkhzSgnT4eEe2Xm1EnEdG3SiukiYd7ZY3Ft5x0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHjttGetb-wajNkBVF9k2CU&google_push=AXcoOmQ2ZmW0rdFb1t4ra5xENGQ_0PF8ygjoxnrYtnh8M0gOi_wBUa3ug47v8hYKLYkhzSgnT4eEe2Xm1EnEdG3SiukiYd7ZY3Ft5x0

Request Chain 131

https://d.agkn.com/pixel/2175/?google_gid=CAESEMM1ynAdlxCPsqcG-6NyaBg&google_cver=1&google_push=AXcoOmQMBPRNABWslF6jBIcVWQxNS8ZU-0saoL4NUB08lOr47Iuf1YXgct7HRSakZK86F13YPpVOgbqCc9QJyHMz31q8qjdj40rVQoU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQMBPRNABWslF6jBIcVWQxNS8ZU-0saoL4NUB08lOr47Iuf1YXgct7HRSakZK86F13YPpVOgbqCc9QJyHMz31q8qjdj40rVQoU&google_hm=Q0FFU0VNTTF5bkFkbHhDUHNxY0ctNk55YUJn

Request Chain 133

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEG9LL4pxU9Odc_dUEzkt9Po&google_cver=1&google_push=AXcoOmTDwdF4pDyMZEJ_eouojZbcvdE91z4Tg82wK-GO4Xyz_ZXpQNcPTGLF9nBFquvf0zSdt01lsxUKIMncZLDUCB38YV4m7JjFPRc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNjY2MDgwMjMxOTY3NzU4Mw%3D%3D&google_push=AXcoOmTDwdF4pDyMZEJ_eouojZbcvdE91z4Tg82wK-GO4Xyz_ZXpQNcPTGLF9nBFquvf0zSdt01lsxUKIMncZLDUCB38YV4m7JjFPRc

Request Chain 134

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPC2Ps6J8nHAgHJ3jh-h6ho&google_cver=1&google_push=AXcoOmRLBrz6Vlbbd6vl2spcnNsxy2r2UouIBfYkw_M4H9szsBCsSJL6CMdCEJ0iTFIcJh8f4cMvgNB66gIS2_d3OVRZI9L9JXIKokcF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRLBrz6Vlbbd6vl2spcnNsxy2r2UouIBfYkw_M4H9szsBCsSJL6CMdCEJ0iTFIcJh8f4cMvgNB66gIS2_d3OVRZI9L9JXIKokcF HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 165

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1703542844_d8adcf20-a373-11ee-b1a8-22396ad6a5ca&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 180

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidGjMSBfpfXwx9UKHeHGtPt31dHZSYTJ78sQVeBoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMXY9tDPq4MDFVgXVQgdjCYJAw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidGjMSBfpfXwx9UKHeHGtPt31dHZSYTJ78sQVeBoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidGjMSBfpfXwx9UKHeHGtPt31dHZSYTJ78sQVeBoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703542844_d8c41640-a373-11ee-bd07-2236e1f32b64

Request Chain 185

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKXa9tDPq4MDFTAnVQgdBXUCzw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023122523204491637156139X120211V1226132702MSviewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&cons=0&spid=2023122523204491637156139X120211V1226132702MSviewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&wfid=120211&partnerid=12218

Request Chain 189

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3DviewoneidADYaYfqf2VJXsAHRH4tktMMGsRS4TRrAH3JMmoneid__suite_Netmix_Reach118_EXTRAPUSH%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CPfc9tDPq4MDFS2c_QcdTcsCQA;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3DviewoneidADYaYfqf2VJXsAHRH4tktMMGsRS4TRrAH3JMmoneid__suite_Netmix_Reach118_EXTRAPUSH%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=viewoneidADYaYfqf2VJXsAHRH4tktMMGsRS4TRrAH3JMmoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=viewoneidADYaYfqf2VJXsAHRH4tktMMGsRS4TRrAH3JMmoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023122523204491637156141X117663V1225131106MSviewoneidADYaYfqf2VJXsAHRH4tktMMGsRS4TRrAH3JMmoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&cons=0

Request Chain 195

https://www.awin1.com/cshow.php?s=2527593&v=14063&q=365261&r=412871&pv=1&pref3=oneidRx3HgfQfGzwYCkHwH3tQt4dYF9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.guenther.de/htlp?awc=14063_412871_1703542844_d8b32650-a373-11ee-9488-2234841a3abe

Request Chain 214

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBEM92jLhx9LsRT_OVRLGrA&google_cver=1&google_push=AXcoOmTbEHgcUBOq25Ui1a8Cb7uuMRFhKrsF1kqAGHCdF0lucm01JarADouVOO7grO-KWKoFXyB90wOAE6ZmKSrPs67z5VuBbFbB20BV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTEwOTIwODkyNzExNjc1MzM3Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBEM92jLhx9LsRT_OVRLGrA&google_cver=1

Request Chain 215

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEN9PCHSOe1UMP1VyZzvj4qs&google_cver=1&google_push=AXcoOmRKuGvYO00hBhqBAsAxBl3GB8wAUe0_PWVKee_kiKT4Kb2IJqXoojyZYRBBt1iRKH2HAhDqsLaTNlBI8jKQI7z3bNx6ClK9pko HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEN9PCHSOe1UMP1VyZzvj4qs&google_cver=1&google_push=AXcoOmRKuGvYO00hBhqBAsAxBl3GB8wAUe0_PWVKee_kiKT4Kb2IJqXoojyZYRBBt1iRKH2HAhDqsLaTNlBI8jKQI7z3bNx6ClK9pko HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S21iY25sOGQxUmhUanU1&google_gid=CAESEN9PCHSOe1UMP1VyZzvj4qs&google_cver=1&google_push=AXcoOmRKuGvYO00hBhqBAsAxBl3GB8wAUe0_PWVKee_kiKT4Kb2IJqXoojyZYRBBt1iRKH2HAhDqsLaTNlBI8jKQI7z3bNx6ClK9pko

Request Chain 216

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFY_K31LKJrGIx_HEoJ2jIQ&google_cver=1&google_push=AXcoOmSQ2TeGjlJC9p1E2_Vn_OHlxhtZFp7QQekNs1x0g4uZ_Xry2WP7kPRQbpSHr4rmD4p52ZmFxo4xiZvfnclzcirKyMgndBSK5-X5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WllvQVBBQUpxQUp4N0FCZA==&google_gid=CAESEFY_K31LKJrGIx_HEoJ2jIQ&google_cver=1&google_push=AXcoOmSQ2TeGjlJC9p1E2_Vn_OHlxhtZFp7QQekNs1x0g4uZ_Xry2WP7kPRQbpSHr4rmD4p52ZmFxo4xiZvfnclzcirKyMgndBSK5-X5

Request Chain 217

https://um.simpli.fi/gp_match?google_gid=CAESEBUpJaF_xmaV7v_vcLsoS7U&google_cver=1&google_push=AXcoOmQzeA4aS7EFHDMh1Ay1o2e38bAheCbp4U6Dn8L6KxOQcdxwrBB0-_KXyIe38RgL7J9D_7oQSDaRb8K76NfzpEvaPpWSmBPNF4o0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01F855ECA5EA4A1297B4233D9DAB710C&google_push=AXcoOmQzeA4aS7EFHDMh1Ay1o2e38bAheCbp4U6Dn8L6KxOQcdxwrBB0-_KXyIe38RgL7J9D_7oQSDaRb8K76NfzpEvaPpWSmBPNF4o0

Request Chain 218

https://d.agkn.com/pixel/2175/?google_gid=CAESEEaBp_O4_c5JF6Jscn7iq0c&google_cver=1&google_push=AXcoOmSGRUSY6LRrruhZZ4vrDXDHXaKC1Rugz-yjbKQ55s22lNg2N-4j5-cE8wv1-G8W7AfPWhJcQgEXxYH8P93m2PD09cdY8RQdB0n1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSGRUSY6LRrruhZZ4vrDXDHXaKC1Rugz-yjbKQ55s22lNg2N-4j5-cE8wv1-G8W7AfPWhJcQgEXxYH8P93m2PD09cdY8RQdB0n1&google_hm=Q0FFU0VFYUJwX080X2M1SkY2SnNjbjdpcTBj

Request Chain 219

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJHkwEHbclELEl1MTDeIhfg&google_cver=1&google_push=AXcoOmTMWpe09cEYkTUVESseNWjeivkPAfFP0wx0kQWDLg9SDmPu6pzKEt8_lc7Y9zc2LZRn5sT8dOcMhVJR_6F4lE_-rVxqG_4FHec HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzExODExNzMwMzM0MjgzMDU2NQ&google_push=AXcoOmTMWpe09cEYkTUVESseNWjeivkPAfFP0wx0kQWDLg9SDmPu6pzKEt8_lc7Y9zc2LZRn5sT8dOcMhVJR_6F4lE_-rVxqG_4FHec

Request Chain 220

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHiiRiYvbqNQFvLaNSoQHQw&google_cver=1&google_push=AXcoOmTM6u5enFeGBcxaSDKrl86evUcIbA7hBIPoF9I13wmhtkX7XHROaxgcp2oxQ39UzoBr1IE-IxCOMR2W1UNz64vX90Lmg58T8nQc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTM6u5enFeGBcxaSDKrl86evUcIbA7hBIPoF9I13wmhtkX7XHROaxgcp2oxQ39UzoBr1IE-IxCOMR2W1UNz64vX90Lmg58T8nQc HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 224

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBEM92jLhx9LsRT_OVRLGrA&google_cver=1&google_push=AXcoOmTLzgstOjRgcJs4AWIU33JW5SFz68g1-gqTDvIIGfSDlCznFITRpT8a9_KwrCx1vTvR0JOT5PyUTUfyShV4ZwYWgiQQru31eQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTEwOTIwODkyNzExNjc1MzM3Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBEM92jLhx9LsRT_OVRLGrA&google_cver=1

Request Chain 225

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFF-TY7mLcy5lJX-T5eJgaw&google_cver=1&google_push=AXcoOmT4qSRtMwf-f7hMoYLwE6XeOWOqOilRoto-6us6vyC9IV-2_jefjJqbQRdC4mJzPLAZoIsV-HVQ_AMowF6-wmIfRrl3zLMe9w HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmT4qSRtMwf-f7hMoYLwE6XeOWOqOilRoto-6us6vyC9IV-2_jefjJqbQRdC4mJzPLAZoIsV-HVQ_AMowF6-wmIfRrl3zLMe9w&google_hm=mWC1TRrUovBb61Ah3Y6-dg

Request Chain 230

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJHkwEHbclELEl1MTDeIhfg&google_cver=1&google_push=AXcoOmT5euFnfFtwd_-RCBaMQJ25YrHhOiisTpRQmm5_UynL2LjQDuYAHa5uf8UGTVyxQF-El0NSXm00DHuPMTVJS3CT5nixNv1ACw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzExODExNzMwMzM0MjgzMDU2NQ&google_push=AXcoOmT5euFnfFtwd_-RCBaMQJ25YrHhOiisTpRQmm5_UynL2LjQDuYAHa5uf8UGTVyxQF-El0NSXm00DHuPMTVJS3CT5nixNv1ACw

Request Chain 253

https://www.awin1.com/cshow.php?s=2524318&v=11420&q=392147&r=412871&pv=1&pref3=oneidZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51poneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1703542845_d8eecfc0-a373-11ee-bd07-2236e1f32b64

Request Chain 263

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPr_j9HPq4MDFS-cgwcdFJwHxw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023122523204591637156207X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023122523204591637156207X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218

Request Chain 282

https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=417184695094507&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df42de6531cf4b8%26domain%3Dwww.paranaturismo.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.paranaturismo.com.br%252Ff166352205174f8%26relation%3Dparent.parent&container_width=320&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fparanaturismo&locale=pt_BR&sdk=joey&show_facepile=true&show_posts=false&small_header=false&width=318 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D417184695094507%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df42de6531cf4b8%2526domain%253Dwww.paranaturismo.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.paranaturismo.com.br%25252Ff166352205174f8%2526relation%253Dparent.parent%26container_width%3D320%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fparanaturismo%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse%26width%3D318

286 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.paranaturismo.com.br/lunardelli/
Redirect Chain

http://lunardelli.com.br/
https://www.paranaturismo.com.br/lunardelli
https://www.paranaturismo.com.br/lunardelli/

107 KB
27 KB

551ms
551ms

Document
text/html

216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: aed3473e577a706218a9c27127f5d4035ccbd089f3d43e9572fd0340b8e45d7f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 25 Dec 2023 22:20:42 GMT
link: <https://www.paranaturismo.com.br/wp-json/>; rel="https://api.w.org/", <https://www.paranaturismo.com.br/wp-json/wp/v2/posts/655>; rel="alternate"; type="application/json", <https://www.paranaturismo.com.br/?p=655>; rel=shortlink
server: Apache
vary: Accept-Encoding

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Dec 2023 22:20:42 GMT
location: https://www.paranaturismo.com.br/lunardelli/
server: Apache
x-redirect-by: WordPress

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 137ms
78ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7daf290075a4fc5aea68556794046460d7fb7199a0cbd6294985e7ba9958aedf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51608
x-xss-protection: 0
server: cafe
etag: 3093484097918736342
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 25 Dec 2023 22:20:43 GMT

GET
H2 200 style.css
www.paranaturismo.com.br/wp-content/themes/convine/ 39 KB
8 KB 146ms
143ms Stylesheet
text/css 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paranaturismo.com.br/wp-content/themes/convine/style.css
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: 08b7d7697a3c3b2b66c759b425664fbd9560b82ab91d2efe0002f42e62c9cbcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: gzip
last-modified: Sat, 15 Aug 2020 20:12:18 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 8279

GET
H2 200 dropmenu.css
www.paranaturismo.com.br/wp-content/themes/convine/css/ 3 KB
726 B 147ms
145ms Stylesheet
text/css 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paranaturismo.com.br/wp-content/themes/convine/css/dropmenu.css
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: 525c8f2e357138e8023782262fede9e2b209c7617b47ea5f1e40ca04149e6dc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: gzip
last-modified: Sat, 15 Aug 2020 20:11:22 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 671

GET
H2 200 comments.css
www.paranaturismo.com.br/wp-content/themes/convine/css/ 9 KB
2 KB 147ms
145ms Stylesheet
text/css 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paranaturismo.com.br/wp-content/themes/convine/css/comments.css
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: 97a50c9b9fb154247d4c352962cc858d75f1fa11dedcf66d529a7d2e711fc7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: gzip
last-modified: Sat, 15 Aug 2020 20:11:22 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2409

GET
H2 200 dropmenu.jquery.js Show response
www.paranaturismo.com.br/wp-content/themes/convine/js/ 53 KB
20 KB 289ms
286ms Script
application/javascript 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paranaturismo.com.br/wp-content/themes/convine/js/dropmenu.jquery.js
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: 45c4007ca6faec5ddbf00e52addca2b95a4f3f416bd00ee25e812106a033ac13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: gzip
last-modified: Sat, 15 Aug 2020 20:11:47 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 dropmenu.js Show response
www.paranaturismo.com.br/wp-content/themes/convine/js/ 342 B
279 B 274ms
272ms Script
application/javascript 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paranaturismo.com.br/wp-content/themes/convine/js/dropmenu.js
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: f95d8fd393736dd3b834bcf9029b54360978a72fc64c3508eb589fd9a9d5fbb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: gzip
last-modified: Sat, 15 Aug 2020 20:11:48 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 208

GET
H2 200 style.min.css
www.paranaturismo.com.br/wp-includes/css/dist/block-library/ 107 KB
20 KB 277ms
275ms Stylesheet
text/css 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paranaturismo.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: gzip
last-modified: Mon, 13 Nov 2023 03:14:14 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css

GET
H2 200 dashicons.min.css
www.paranaturismo.com.br/wp-includes/css/ 58 KB
35 KB 155ms
153ms Stylesheet
text/css 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paranaturismo.com.br/wp-includes/css/dashicons.min.css?ver=6.4.2
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 06:00:08 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css

GET
H2 200 frontend.min.css
www.paranaturismo.com.br/wp-content/plugins/post-views-counter/css/ 217 B
213 B 148ms
146ms Stylesheet
text/css 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paranaturismo.com.br/wp-content/plugins/post-views-counter/css/frontend.min.css?ver=1.4.3
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: cc2a604a1e6f73444e8db5d749a64c62899943e68ad07feeee39050b4fdb32cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: gzip
last-modified: Tue, 21 Nov 2023 06:00:06 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 158

GET
H2 200 sbfp.css
www.paranaturismo.com.br/wp-content/plugins/statebuilt-facebook-page-like-popup/assets/ 1 KB
518 B 153ms
151ms Stylesheet
text/css 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paranaturismo.com.br/wp-content/plugins/statebuilt-facebook-page-like-popup/assets/sbfp.css?ver=6.4.2
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: f4c282fcfe37bf397e4297f60cf042d9c9be096ae9f2a43912f0a5c1737b1f60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: gzip
last-modified: Sat, 15 Aug 2020 19:39:53 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 463

GET
H2 200 jquery.fancybox.min.css
www.paranaturismo.com.br/wp-content/plugins/easy-fancybox/fancybox/1.5.4/ 5 KB
2 KB 275ms
273ms Stylesheet
text/css 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paranaturismo.com.br/wp-content/plugins/easy-fancybox/fancybox/1.5.4/jquery.fancybox.min.css?ver=6.4.2
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: 4bce18de486fea257a1a5c9d5477070cec0ca1dff3438e5784161e8a8756da44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: gzip
last-modified: Sun, 11 Dec 2022 06:00:06 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1572

GET
H2 200 jquery.min.js Show response
www.paranaturismo.com.br/wp-includes/js/jquery/ 86 KB
37 KB 402ms
401ms Script
application/javascript 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paranaturismo.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: gzip
last-modified: Mon, 13 Nov 2023 03:14:14 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
www.paranaturismo.com.br/wp-includes/js/jquery/ 13 KB
5 KB 330ms
329ms Script
application/javascript 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paranaturismo.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: gzip
last-modified: Thu, 24 Aug 2023 16:56:39 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 5422

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 127ms
70ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-11373939-21

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6975b673f98d3ced26d0eb3e2d78dfaa83261523848c30dbbb9f4c029e7711d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69024
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Dec 2023 22:20:43 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
50 KB 116ms
70ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4766656075352824&host=ca-host-pub-2644536267352236

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bf4306b975e62e5592688a77a20e6f3aca7093a1d2ee1fb98419364d4551a35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paranaturismo.com.br/
Origin: https://www.paranaturismo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51603
x-xss-protection: 0
server: cafe
etag: 10550978977245657559
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 22:20:43 GMT

GET
H2 200 logo.jpg
www.paranaturismo.com.br/images/ 12 KB
12 KB 289ms
288ms Image
image/jpeg 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paranaturismo.com.br/images/logo.jpg
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: bb796889b2c08693d1a283f7c208442a11644a46885f7da8267a5b5914c601aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
last-modified: Sat, 15 Aug 2020 18:33:38 GMT
server: Apache
accept-ranges: bytes
content-length: 12071
content-type: image/jpeg

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 25 KB
10 KB 118ms
61ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c93dd298a227decbcbc5fcc458c787f081db10425e322950458c08e0656384d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10277
x-xss-protection: 0
server: cafe
etag: 8188157995017847591
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 22:20:43 GMT

GET
H2 200 anuncie.jpg
www.paranaturismo.com.br/images/ 9 KB
9 KB 165ms
165ms Image
image/jpeg 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paranaturismo.com.br/images/anuncie.jpg
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: 36142ead6301ab7e0b84555d13b5790a88ddf55deb49c5d9b42456ed73ff3198

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
last-modified: Sat, 15 Aug 2020 18:33:27 GMT
server: Apache
accept-ranges: bytes
content-length: 9220
content-type: image/jpeg

GET
H2 200 lunardelli1-250x184.jpg
www.paranaturismo.com.br/wp-content/uploads/2012/06/ 16 KB
16 KB 138ms
135ms Image
image/jpeg 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paranaturismo.com.br/wp-content/uploads/2012/06/lunardelli1-250x184.jpg
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: 53e990582c9b32e52918c72827d607ce206fc2873564aa365fdf94cd30272f59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
last-modified: Sat, 15 Aug 2020 20:30:14 GMT
server: Apache
accept-ranges: bytes
content-length: 16338
content-type: image/jpeg

GET
H2 200 alcad.gif
www.paranaturismo.com.br/images/banners/ 41 KB
41 KB 140ms
138ms Image
image/gif 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paranaturismo.com.br/images/banners/alcad.gif
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: 2eff7c710864ad360870c7a95e0636df7ce87018cc51dffadf6474d5ebf05677

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
last-modified: Sat, 15 Aug 2020 18:33:03 GMT
server: Apache
accept-ranges: bytes
content-length: 42045
content-type: image/gif

GET
H2 200 labarca.gif
www.paranaturismo.com.br/images/banners/ 22 KB
22 KB 138ms
136ms Image
image/gif 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paranaturismo.com.br/images/banners/labarca.gif
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: 1031785b9e539d353b96ec9020e9c3d9512b824aa3765340655dc61d6cc5ca1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
last-modified: Sat, 15 Aug 2020 18:33:10 GMT
server: Apache
accept-ranges: bytes
content-length: 22577
content-type: image/gif

GET
H2 200 an_boa_viagem.jpg
www.morretes.com/images/ 8 KB
8 KB 1053ms
133ms Image
image/jpeg 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.morretes.com/images/an_boa_viagem.jpg
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: 04c69cf48f9e2462887a37b89e42a680920e9ce0ab40567f48456011bdeea090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
last-modified: Wed, 21 Sep 2016 17:56:20 GMT
server: Apache
accept-ranges: bytes
content-length: 7937
content-type: image/jpeg

GET
H2 200 logo.gif
www.paranaturismo.com.br/images/ 10 KB
10 KB 141ms
139ms Image
image/gif 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paranaturismo.com.br/images/logo.gif
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: a20d59029cf9c302bc7fc23dc3408ce96663b5bac00e8268cd674cf570daac1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
last-modified: Sat, 15 Aug 2020 18:33:37 GMT
server: Apache
accept-ranges: bytes
content-length: 9985
content-type: image/gif

GET
H2 200 popup-close-light.png
www.paranaturismo.com.br/wp-content/plugins/statebuilt-facebook-page-like-popup/assets/images/ 3 KB
3 KB 141ms
139ms Image
image/png 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paranaturismo.com.br/wp-content/plugins/statebuilt-facebook-page-like-popup/assets/images/popup-close-light.png
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: 6ee9c205bf2ed52c669542e70759c40f4561ac954cc57744c8affb001c926731

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
last-modified: Sat, 15 Aug 2020 19:39:49 GMT
server: Apache
accept-ranges: bytes
content-length: 3035
content-type: image/png

GET
H2 200 comment-reply.min.js Show response
www.paranaturismo.com.br/wp-includes/js/ 3 KB
1 KB 144ms
142ms Script
application/javascript 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paranaturismo.com.br/wp-includes/js/comment-reply.min.js?ver=6.4.2
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: gzip
last-modified: Mon, 18 Jul 2022 18:07:52 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1477

GET
H2 200 sbfp-script.js Show response
www.paranaturismo.com.br/wp-content/plugins/statebuilt-facebook-page-like-popup/assets/ 3 KB
1 KB 140ms
139ms Script
application/javascript 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paranaturismo.com.br/wp-content/plugins/statebuilt-facebook-page-like-popup/assets/sbfp-script.js?ver=1.8.1
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: 8a8378ab2cb9d5bce538edb753fdc25e811425a8041a3367e0fa4058a1e9f0d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: gzip
last-modified: Sat, 15 Aug 2020 19:39:52 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1175

GET
H2 200 jquery.fancybox.min.js Show response
www.paranaturismo.com.br/wp-content/plugins/easy-fancybox/fancybox/1.5.4/ 17 KB
7 KB 140ms
139ms Script
application/javascript 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paranaturismo.com.br/wp-content/plugins/easy-fancybox/fancybox/1.5.4/jquery.fancybox.min.js?ver=6.4.2
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: 22bce8b282803549082d9ea32d67eb65850337da175c8d3311fedc72e743dcd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: gzip
last-modified: Sun, 11 Dec 2022 06:00:06 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 7158

GET
H2 200 jquery.easing.min.js Show response
www.paranaturismo.com.br/wp-content/plugins/easy-fancybox/vendor/ 2 KB
800 B 151ms
146ms Script
application/javascript 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paranaturismo.com.br/wp-content/plugins/easy-fancybox/vendor/jquery.easing.min.js?ver=1.4.1
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: 0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: gzip
last-modified: Sun, 11 Dec 2022 06:00:06 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 768

GET
H2 200 jquery.mousewheel.min.js Show response
www.paranaturismo.com.br/wp-content/plugins/easy-fancybox/vendor/ 3 KB
1 KB 143ms
139ms Script
application/javascript 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paranaturismo.com.br/wp-content/plugins/easy-fancybox/vendor/jquery.mousewheel.min.js?ver=3.1.13
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: gzip
last-modified: Sun, 11 Dec 2022 06:00:06 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1188

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 113 KB
44 KB 92ms
37ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WQ25SXLS

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b86805f831122ecf6aae626f086d66104be22391e87e6e945604f47eb7043c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44467
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Dec 2023 22:20:43 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 90ms
88ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4766656075352824&plah=www.paranaturismo.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f0034f1986c4db855d26a0851eb857ad97416a2c2935055e78408ea8c77942f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137966
x-xss-protection: 0
server: cafe
etag: 9940825020291122001
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 22:20:43 GMT

GET
H2 200 bg.gif
www.paranaturismo.com.br/wp-content/themes/convine/images/ 59 B
119 B 205ms
205ms Image
image/gif 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paranaturismo.com.br/wp-content/themes/convine/images/bg.gif
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/wp-content/themes/convine/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: 0a9eac4776689033af8f397069686c5e7b47408e5ad55a7a8192db21b2334464

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/wp-content/themes/convine/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
last-modified: Sat, 15 Aug 2020 20:11:27 GMT
server: Apache
accept-ranges: bytes
content-length: 59
content-type: image/gif

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 53CD 9 KB
4 KB 85ms
25ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paranaturismo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 13:49:38 GMT
etag: 5585625838579639069
expires: Mon, 08 Jan 2024 13:49:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK a91fcc29-2ff9-47ee-bec6-d604f9321b0c
https://www.paranaturismo.com.br/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.paranaturismo.com.br/a91fcc29-2ff9-47ee-bec6-d604f9321b0c
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 75ms
21ms Script
text/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 25 Dec 2023 21:49:56 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1847
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Mon, 25 Dec 2023 23:49:56 GMT

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin: https://www.paranaturismo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 likebox.php Show response
www.facebook.com/plugins/ Frame C50F 39 KB
14 KB 241ms
195ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com/paranaturismo&width=180&height=220&colorscheme=light&show_faces=true&border_color&stream=false&header=true

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

818622d24a92ba8d417ef1b1ff7af8bdbbea713e8e087a82b3c54bfbc0b9ec5a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paranaturismo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:20:43 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: T2lKPc+ImMut2s5z6L6/9re5S2qjuhgUESj6+STgkJsZ/+5z/3z1OIk+pdUmbiBgAONIAX5b05oyJ0Je165mNA==
x-xss-protection: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
3 KB 69ms
23ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

38a15739f5075b8a11cd1833eed10a792e9e3fa591fce28baf61dcc3b1261b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 25 Dec 2023 22:20:43 GMT
content-md5: 1uqVUlg5aXXVOmj0gULhew==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints
x-fb-debug: z65iNPNAAXKUVAYYgUzorONU+PgCfIC3XdsuZ3pw6YkJv7t7AIT7ALb5k4Ey4gh4Obbjkw3pr5r+PGshuy/LyQ==
x-fb-content-md5: bf3e2795c2b95fe601ed319d65ae7294
cross-origin-opener-policy: same-origin-allow-popups
etag: "3990ad2cfa66d0bbfd012bc4d10bb8c1"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Mon, 25 Dec 2023 22:25:22 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 31ms
30ms Image
image/gif 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=217861893&utmhn=www.paranaturismo.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=LUNARDELLI%20-%20Paran%C3%A1%20TurismoParan%C3%A1%20Turismo&utmhid=1826749835&utmr=-&utmp=%2Flunardelli%2F&utmht=1703542843513&utmac=UA-11373939-21&utmcc=__utma%3D261471116.369014989.1703542844.1703542844.1703542844.1%3B%2B__utmz%3D261471116.1703542844.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1651354416&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/pt_BR/ 302 KB
86 KB 47ms
23ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=e8e4966a035ed8e9158c41c5a11f61b3

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3a0fdff812f488e7a2c2e972b196a4170796865ce4cd68417036556d354e71fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.paranaturismo.com.br/
Origin: https://www.paranaturismo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 25 Dec 2023 22:20:43 GMT
content-md5: WUvGa91lxtPw67UGMP2cTw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88364
reporting-endpoints
x-fb-debug: IoDtETIWQBmgh19HzMDeeefW3xjQwo2E+EqtXvv/MNj0k7FL9JV56G6718bTfmbcB6UGlcPRYm7PwD2EJgj3yg==
x-fb-content-md5: 70ae58be69c0f3ed7c498772428a17c1
cross-origin-opener-policy: same-origin-allow-popups
etag: "6bee13be46045f492da29db86792a34f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 24 Dec 2024 20:57:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 41ms
38ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-11373939-21&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ25SXLS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

901889c458f2dd6323427db8a8e78a01707febfadc4ccd89a4b56babeb32e076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69068
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Dec 2023 22:20:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 46ms
43ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-4766656075352824&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ25SXLS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b0c682ed62c86aec4d2d53dbd2dbd83112583ea5a8a6c9f2b1540c79c413301

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72524
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Dec 2023 22:20:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
80 KB 64ms
62ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-MK4N3H4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ25SXLS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e704498fafbc8f5692e0f15cc6272b931af4cdd714b7d4128cd1b1fa3cb08ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82062
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Dec 2023 22:20:43 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.paranaturismo.com.br/wp-includes/js/ 18 KB
5 KB 137ms
135ms Script
application/javascript 216.172.172.182
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paranaturismo.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.172.182 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv150-ip03.prodns.com.br
Software: Apache /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/lunardelli/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: gzip
last-modified: Sun, 21 May 2023 00:47:01 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 5344

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
80 KB 46ms
46ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-02GZQNG8YR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11373939-21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9bd1da0ecd127172512f7f9f400bdc4d2f9d4a0a1a1cc9f75504800dabe8af69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82103
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Dec 2023 22:20:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 323ms
23ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11373939-21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 25 Dec 2023 21:22:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3498
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 25 Dec 2023 23:22:25 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CFF0 150 KB
26 KB 632ms
632ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&adk=1812271804&adf=3025194257&lmt=1703542843&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C236x1080_r&format=0x0&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843201&bpp=222&bdt=198&idt=411&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6547080010031&frm=20&pv=2&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=427

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4766656075352824&plah=www.paranaturismo.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd84945ae46421dae7c54e1dc8e9a92afcacfdb98d4b52ebf61af33cc7d08117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paranaturismo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 26654
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:20:44 GMT
expires: Mon, 25 Dec 2023 22:20:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 766B 39 KB
16 KB 324ms
323ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=90&slotname=1117840744&adk=1721480579&adf=767381939&pi=t.ma~as.1117840744&w=728&lmt=1703542843&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843424&bpp=2&bdt=422&idt=207&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=612&ady=42&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=210

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0af772600a5770df9757387880838651b0e4c0eea2143b9590755e220afe6ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paranaturismo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16369
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:20:44 GMT
expires: Mon, 25 Dec 2023 22:20:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2BAB 48 KB
17 KB 197ms
196ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=60&slotname=7656980933&adk=2977947412&adf=295265960&pi=t.ma~as.7656980933&w=468&lmt=1703542843&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843426&bpp=3&bdt=423&idt=212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&prev_slotnames=1117840744&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=297&ady=380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=214

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a886ce41e35ae9e520e5eb4b8ffa5e9d5c9ca293b55b752a0abeb501d358ae1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paranaturismo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17512
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:20:44 GMT
expires: Mon, 25 Dec 2023 22:20:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2C58 48 KB
17 KB 345ms
345ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=600&slotname=1019247609&adk=1564824845&adf=2530054453&pi=t.ma~as.1019247609&w=300&lmt=1703542843&format=300x600&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843438&bpp=2&bdt=436&idt=212&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=1117840744%2C7656980933&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=214

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0cc8e6e560302f24effeb93af3eecbbd3c742d79f19c2040385019af6181766

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paranaturismo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17488
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:20:44 GMT
expires: Mon, 25 Dec 2023 22:20:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/4766656075352824/ 3 KB
2 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/4766656075352824/?random=1703542843659&cv=11&fst=1703542843659&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&hn=www.googleadservices.com&frm=0&tiba=LUNARDELLI%20-%20Paran%C3%A1%20TurismoParan%C3%A1%20Turismo&did=dZTNiMT&gdid=dZTNiMT&auid=824607880.1703542844&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-4766656075352824&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39408b9255f4c4be57cb6d822e7994c2fae31b8e1a1a6e9dabb48f8dd3cc1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1284
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D999 48 KB
17 KB 154ms
154ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=600&slotname=6929445609&adk=997224295&adf=2345113435&pi=t.ma~as.6929445609&w=160&lmt=1703542843&format=160x600&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843442&bpp=6&bdt=440&idt=223&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&prev_slotnames=1117840744%2C7656980933&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1143&ady=1053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=225

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4271e6705e547783386a69793d5786ef8fc1eb66b30d161e0dfd256e0c3e6d27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paranaturismo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17659
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:20:44 GMT
expires: Mon, 25 Dec 2023 22:20:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 240ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-02GZQNG8YR&gtm=45Pe3bt0v9135313325&_p=1703542843016&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=369014989.1703542844&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703542843&sct=1&seg=0&dl=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&dt=LUNARDELLI%20-%20Paran%C3%A1%20TurismoParan%C3%A1%20Turismo&en=page_view&_fv=1&_ss=1&tfd=3724
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-MK4N3H4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.paranaturismo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ Frame C50F 20 KB
6 KB 70ms
22ms Stylesheet
text/css 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com/paranaturismo&width=180&height=220&colorscheme=light&show_faces=true&border_color&stream=false&header=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xXCq6/qryia0kWXvm23HIA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5237
reporting-endpoints
x-fb-debug: JUDsVWDePycwoWveuQE9gg8vrQs/nyJMutPycndi0F+sSLr0W1enYOnjwgCFjldOw2y7wywk/l0URC1RQ9uXag==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 18 Dec 2024 13:45:11 GMT

GET
H2 200 iZpNYL8JfUb.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame C50F 355 KB
92 KB 70ms
23ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/iZpNYL8JfUb.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ca15ac1540010cea7015b4e4ec35c33cd999430f4bd5221b94e66d319456b2b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xsO4Q3RmuC1PPAMeNJW+pw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93994
reporting-endpoints
x-fb-debug: uD+St5BSBmQTrYb0G+YOzEiaVI97v7rXPmT0lmDiYyPvSB1K+tNiPRnjNjWEwhniluHiHo38haNAvkdtm6hRqw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 20 Dec 2024 01:03:45 GMT

GET
H2 200 teTZ2tZqwkq.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame C50F 7 KB
2 KB 134ms
87ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/teTZ2tZqwkq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5bcb3ba5be62072a5be691a6cb4625b83ab20458f7543e78575c665ce64743c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qO1vcfOdsbovoV9UmybnhA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2250
reporting-endpoints
x-fb-debug: gPcPgw1fz9zlOd7EXyNFcZHgCJdSmDb9V+HX4rb7bRAg10unIIuXFtzsrSU5PUwpc2YO/968jGIbWVdF+QLlnA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Mon, 23 Dec 2024 16:37:40 GMT

GET
H2 200 414NUtwuGAO.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ym/r/ Frame C50F 94 KB
27 KB 72ms
25ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/414NUtwuGAO.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b7a8490d7353f4d29b7a7c0e0da1a610d1067d0bfdbb8d88df5764651b9d25fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: hmfTcKzH8YSfKfUldK7oUw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27400
reporting-endpoints
x-fb-debug: +6/S2tMHA3+5ok7G8q6t2558aCrxYMKnXbNCXrIBY3W7SrVe2wZf55g66xpH227TrN2D/XJB3nFF7cf8OP+G9w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Mon, 23 Dec 2024 16:37:40 GMT

GET
H2 200 t_SlUrtqj3p.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yu/r/ Frame C50F 52 KB
17 KB 135ms
88ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/t_SlUrtqj3p.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

369570af203fe832b39be7ff64f94f07b6c97c928b733a9b9e6c8bcf1a98652c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: bjNrzrx9as9CpDFfF+BSww==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16795
reporting-endpoints
x-fb-debug: mhETVYqfjc47xGxHDjwoMnZI2GiNPCV3I4FPt++cUNEOKejkSmsYeOK/ukmECJs3VfAIWhkFS4YhVYg1elZVeA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Mon, 23 Dec 2024 16:37:40 GMT

GET
H2 200 y1wKntgIB6R.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yi/l/de_DE/ Frame C50F 70 KB
20 KB 134ms
88ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yi/l/de_DE/y1wKntgIB6R.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1511fef487a5a04cf2a5c0440b5b47b0d3453f99d93b3663f226e5d254a2c0ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CHSJUBcbrKevEs4bKO5USQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20119
reporting-endpoints
x-fb-debug: NxYTwEcCVQK+2ffputcSvSpFW4hyIDCOPFPzxbQ9Xb4X3WUdJPwIuR5iPaaBHBNJO1cCDorgTNvLEzDM5mSO/A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 18 Dec 2024 22:57:02 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame C50F 507 B
729 B 135ms
88ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 25 Dec 2023 22:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: 54kOmNtPvXlAtO/OGPlsJJnbK8LcHbsZ8r7lH8Rd20xOgfghHHVTX2/Hl7abD8GZbQzJaoH9y/16M2fy+4pJ0g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 17 Dec 2024 07:36:55 GMT

GET
H2 200 339441574_953505479164978_6188595083337775755_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame C50F 7 KB
7 KB 72ms
24ms Image
image/jpeg 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/339441574_953505479164978_6188595083337775755_n.jpg?stp=dst-jpg_p130x130&_nc_cat=106&ccb=1-7&_nc_sid=081abc&_nc_ohc=vrBk4uQ_8PsAX9mIOp1&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AfBb9Y-_TjFXcSGbBPKaXLPD4urDeZzvosIKkvag-9YXvg&oe=658DF9EE
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com/paranaturismo&width=180&height=220&colorscheme=light&show_faces=true&border_color&stream=false&header=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: fdeda5139b578ff42ce7ab3bff380649bea7d1c92bc949871c74b6bbe1ed5a52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:43 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 05 Apr 2023 00:53:23 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=4243513893
thrift_fmhk: GBCrJke/zRPYaJ7ka6YOFDZTFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 585928122
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 6714

GET
H2 200 304838649_742046273877929_6542157487721935499_n.png
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame C50F 3 KB
4 KB 25ms
24ms Image
image/png 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-1/304838649_742046273877929_6542157487721935499_n.png?stp=c8.0.50.50a_cp0_dst-png_p50x50&_nc_cat=111&ccb=1-7&_nc_sid=4da83f&_nc_ohc=5NHqzmVnYCoAX9mB5b9&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AfCAm34AjHGuVxySdD9zZ2Xvi0jtm12dSTYuU6nBFT0R_w&oe=658F9963
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com/paranaturismo&width=180&height=220&colorscheme=light&show_faces=true&border_color&stream=false&header=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: f870c3856088f9f9668dca6d09dab0de15c03f7f63d8370130f13a773668c556

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Thu, 01 Sep 2022 21:36:46 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=1961224103
thrift_fmhk: GBCi/gaBkFtOHgWKvBOnv4OYFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 384140436
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 3582

GET
H2 200 /
www.google.com/pagead/1p-user-list/4766656075352824/ 42 B
455 B 91ms
35ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/4766656075352824/?random=1703542843659&cv=11&fst=1703541600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&frm=0&tiba=LUNARDELLI%20-%20Paran%C3%A1%20TurismoParan%C3%A1%20Turismo&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_r1r3_uEfjeA5Pb53VhgTqQkwznc3zg&random=3428123636&rmt_tld=0&ipr=y

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/4766656075352824/ 42 B
455 B 86ms
34ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/4766656075352824/?random=1703542843659&cv=11&fst=1703541600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&frm=0&tiba=LUNARDELLI%20-%20Paran%C3%A1%20TurismoParan%C3%A1%20Turismo&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_r1r3_uEfjeA5Pb53VhgTqQkwznc3zg&random=3428123636&rmt_tld=1&ipr=y

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
212 B 29ms
28ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1826749835&t=pageview&_s=1&dl=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ul=en-us&de=UTF-8&dt=LUNARDELLI%20-%20Paran%C3%A1%20TurismoParan%C3%A1%20Turismo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=261471116.369014989.1703542844.1703542844.1703542844.1&_utmz=261471116.1703542844.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1703542843937&_u=YCDCCUABBAAAACAAI~&jid=767462256&gjid=1681864529&cid=369014989.1703542844&tid=UA-11373939-21&_gid=1709108765.1703542844&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=767928883

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paranaturismo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.paranaturismo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 250A 2 KB
3 KB 101ms
45ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hw3vrmg7y3h907x06syq4mwyfedv69f6q29wwdep3ssy6wpckwcb2exmbatkx9bxe51k5nf3v7d7xxpvewctzck76xdfv7ad59j0mc58zpdqhv0q48qpkpdawrd8mzq6saghhhc0rdj6kj33qhp8859scdbd6hv2pr4bt3mfk7n8mam213kghjxsrdt10537qn23f1q3hw6j4p3qfxq6smyq146tf8cxgwd6mkn4b8t052q3bmhnt3ngf66837er1yn7e13x4tmzv8vtt2h0dp7qbw7qyv678v7bt8tend0afbpkp2jy27st601kq3f0aq8r5ad80g6hkbdqgtzjzp047sjx4kj5pajyr4gfzhrh5n26vqtfjqkkyqfa3vdekdq3wwtjmjqt9f1adgj12wwrp6tpzmnkx65gyg32j7h41ehvq2bzqhg6dhdxkb0zvpk9q8pjr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi7XcOwCKZcX7N6jJmLAPjdea2AeQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEoAJP0NcqJtg55nB97JQdWA9hOfZx658I9BM70u2wKuatPeCCl73oqHIJb06E8gPpkN78w_jwiJCk6TbTFuxURvadFFk735Y2Wk8ry37wu_gpweFbfdBKj-lJ-tIIO4v0OTu9mPDxbvjTi2Y9xfZNZ91EzZsMWYOuzzUbVnoVIUWOzB7Kj_vTOYmYjm8iIy2SN5ZE8lZJ0ZOLnhW94Avz7-O-S4JAcrsJsnmcofKH-CkGLwNCfgt78QsqaBx7sERWmeAsR7aRqkTj87b5tuUm6WkwqB3B41GcZ0SU9dVxwxmN76BUUw1KjlemuLbvQA8hYhLg0vVocKaWOWpXA2gAdauO-Z4iKFGjfb57ZL6YKal3NH9r_i6di2F3Ur7hak8L7IqABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljCzsjQz6uDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1x-587HaxUC_6pOl6qHjyOystF2w%26client%3Dca-pub-4766656075352824%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=600&slotname=6929445609&adk=997224295&adf=2345113435&pi=t.ma~as.6929445609&w=160&lmt=1703542843&format=160x600&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843442&bpp=6&bdt=440&idt=223&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&prev_slotnames=1117840744%2C7656980933&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1143&ady=1053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5da802c2567b1b6fcf1090c4c9a4d2c98a286dd5d920d66d8c9d613f5b2e1273

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83b47917cf802c53-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:20:44 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame D1B9 3 KB
1 KB 83ms
30ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5925
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 20:41:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 17B1 1 KB
643 B 22ms
21ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6050
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Tue, 26 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame D1B9 20 KB
9 KB 76ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 01:54:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D1B9 0
0 31ms
30ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdKth31jSmRcYfPEfjjiTWk0HpWbLYtud3oVmx0xjKve43_zfJthtVpDSREXl3ePFG4UV-sN-P5NCrKxa3VIm5HV_Z9w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=600&slotname=6929445609&adk=997224295&adf=2345113435&pi=t.ma~as.6929445609&w=160&lmt=1703542843&format=160x600&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843442&bpp=6&bdt=440&idt=223&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&prev_slotnames=1117840744%2C7656980933&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1143&ady=1053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D1B9 203 KB
65 KB 87ms
35ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 22:20:44 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame C50F 573 B
712 B 51ms
25ms Image
image/png 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 25 Dec 2023 22:20:44 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
reporting-endpoints
x-fb-debug: x5e4cdNt7n4VqPnUfVRUVCwLgJrGur0Dhv1mghgjq4tcXr7RVrbZyQO4e26w5sLzuyoCQ2Vd/LAEWGbcpGoeZQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1,i
expires: Wed, 11 Dec 2024 00:49:54 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 17B1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDEIhUyle3uIY_DJphHnkHU&google_push=AXcoOmRX5JJcoMhj4FeMVd3sQK_dyhwXknYFFsWDKKGO7c_tJ1EC1ESmQU...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDEIhUyle3uIY_DJphHnkHU&google_push=AXcoOmRX5JJcoMhj4FeMVd3sQK_dyhwXknYFFsWDKKGO7c_tJ1EC1ESmQUk53lfuTylkPv-geLS_XvFKDUc0p_k_txLLhND2c5X4Z0M

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-cph2320056-CPH
pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1703542844.236745,VS0,VE95
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDEIhUyle3uIY_DJphHnkHU&google_push=AXcoOmRX5JJcoMhj4FeMVd3sQK_dyhwXknYFFsWDKKGO7c_tJ1EC1ESmQUk53lfuTylkPv-geLS_XvFKDUc0p_k_txLLhND2c5X4Z0M
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 17B1
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJpq8OuPAs81ATHCS5XIGvU&google_cver=1&google_push=AXcoOmR5PNQoNd0QWnaYCWfLTjdcn_5s5rhr8Qx53nX2fo612nYVSCDZp5WoUzMP6ZEk0mevPLO9l1h2kdxrUV18RGRIdPB3wrD-YAE
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01F855ECA5EA4A1297B4233D9DAB710C&google_push=AXcoOmR5PNQoNd0QWnaYCWfLTjdcn_5s5rhr8Qx53nX2fo612nYVSCDZp5WoUzMP6ZEk0mevPLO9l1h2kdxrUV1...

170 B
232 B

34ms
33ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01F855ECA5EA4A1297B4233D9DAB710C&google_push=AXcoOmR5PNQoNd0QWnaYCWfLTjdcn_5s5rhr8Qx53nX2fo612nYVSCDZp5WoUzMP6ZEk0mevPLO9l1h2kdxrUV18RGRIdPB3wrD-YAE

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Dec 2023 22:20:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01F855ECA5EA4A1297B4233D9DAB710C&google_push=AXcoOmR5PNQoNd0QWnaYCWfLTjdcn_5s5rhr8Qx53nX2fo612nYVSCDZp5WoUzMP6ZEk0mevPLO9l1h2kdxrUV18RGRIdPB3wrD-YAE
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 24 Dec 2023 22:20:44 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 17B1
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMbFOJboEi7t9_NnrdrMNpQ&google_cver=1&google_push=AXcoOmQvxiVIkeyMG0l6pkZA5OIfF24SEcK80SloyaphXOh-mA-e40gAeJVRBivX4OLtt5Iu16JyJtH1nP79UT...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNjY2MDgwMjMxODg5MTE1MQ%3D%3D&google_push=AXcoOmQvxiVIkeyMG0l6pkZA5OIfF24SEcK80SloyaphXOh-mA-e40gAeJVRBivX4OLtt5Iu16JyJtH1nP79UT12FN...

170 B
329 B

32ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNjY2MDgwMjMxODg5MTE1MQ%3D%3D&google_push=AXcoOmQvxiVIkeyMG0l6pkZA5OIfF24SEcK80SloyaphXOh-mA-e40gAeJVRBivX4OLtt5Iu16JyJtH1nP79UT12FNcesXy_88hGelY

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNjY2MDgwMjMxODg5MTE1MQ%3D%3D&google_push=AXcoOmQvxiVIkeyMG0l6pkZA5OIfF24SEcK80SloyaphXOh-mA-e40gAeJVRBivX4OLtt5Iu16JyJtH1nP79UT12FNcesXy_88hGelY
Date: Mon, 25 Dec 2023 22:20:44 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 17B1
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmT7u2iK...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmT7u2iK...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMjUyMjIwNDQwMDAyOTk3NDExMzcyOQ%3D%3D&google_push=AXcoOmT7u2iKc20KqQL68rZ3i9xCo1iEUNSB05tRaMj4jOUYnV68GXM9TCR8Z5RTUaaocZ...

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMjUyMjIwNDQwMDAyOTk3NDExMzcyOQ%3D%3D&google_push=AXcoOmT7u2iKc20KqQL68rZ3i9xCo1iEUNSB05tRaMj4jOUYnV68GXM9TCR8Z5RTUaaocZrLpEkpagcAWLqboZd6v_ub-JDMacWu2Q

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMjUyMjIwNDQwMDAyOTk3NDExMzcyOQ%3D%3D&google_push=AXcoOmT7u2iKc20KqQL68rZ3i9xCo1iEUNSB05tRaMj4jOUYnV68GXM9TCR8Z5RTUaaocZrLpEkpagcAWLqboZd6v_ub-JDMacWu2Q
pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Mon, 25 Dec 2023 22:20:44 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 17B1 43 B
363 B 99ms
29ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQ3GawqkKtbdp9-L-MLsOvJN-qQvO18l9UfIh82fQCYteVIUfpwGjCW1od6my_DLzfRz1_lOOaya_DXdEoRcyZBUUoq0UtO1g&google_gid=CAESEA6MRr75bbF4pEG7LTJK8xI&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:43 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 263725
expires: Mon, 25 Dec 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 17B1
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDwhiWMKTyeKd67pER3h1DI&google_cver=1&google_push=AXcoOmRRdZ4G9zzvQuC-G1JxS5uEMFZKD81zNdMfRiKWOzmykgfp7uPx_1bD6VcKB1ZAebx8tlJFmQJW...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDwhiWMKTyeKd67pER3h1DI&google_cver=1&google_push=AXcoOmRRdZ4G9zzvQuC-G1JxS5uEMFZKD81zNdMfRiKWOzmykgfp7uPx_1bD6VcKB1ZAebx8tlJ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzExODExNzMwMzM0MjgzMDU2NQ&google_push=AXcoOmRRdZ4G9zzvQuC-G1JxS5uEMFZKD81zNdMfRiKWOzmykgfp7uPx_1bD6VcKB1ZAebx8tlJFmQ...

170 B
232 B

32ms
32ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzExODExNzMwMzM0MjgzMDU2NQ&google_push=AXcoOmRRdZ4G9zzvQuC-G1JxS5uEMFZKD81zNdMfRiKWOzmykgfp7uPx_1bD6VcKB1ZAebx8tlJFmQJWR5PV3drWFSOmKzc7iy1TA_8

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzExODExNzMwMzM0MjgzMDU2NQ&google_push=AXcoOmRRdZ4G9zzvQuC-G1JxS5uEMFZKD81zNdMfRiKWOzmykgfp7uPx_1bD6VcKB1ZAebx8tlJFmQJWR5PV3drWFSOmKzc7iy1TA_8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame 17B1
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOPaFFYwR0SF...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSNXeLJ4rpN8Q5GBDN9OwRXDMPvd2F6FcKYlz9BfBLao2Xlodlg3RFjCVGa8jrly7NkWPepFA8ilMTa3eoS7elI4PmKJ2NifEc
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

53ms
53ms

Image
image/gif

2.19.245.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=600&slotname=6929445609&adk=997224295&adf=2345113435&pi=t.ma~as.6929445609&w=160&lmt=1703542843&format=160x600&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843442&bpp=6&bdt=440&idt=223&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&prev_slotnames=1117840744%2C7656980933&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1143&ady=1053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=225
Protocol: H2
Server: 2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 22:20:44 GMT
pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 17B1 0
139 B 95ms
30ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JBStE0R75sX_i9jjb9raa7eEz3t0Bm4n1vrObwqCFXbVfa10uQoGZA-gIEKnn4ch2ZyLSAzQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 18E1 2 KB
1 KB 58ms
51ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kpdr3t7he17zy2tx283nd7kak1mkqfw4g7brwkzpzhry3vt7derkk418148cc4131fjrzzhtqg6sb9zj8rr8mq70d69mhsf2a8gvpnk1pvkq4cbp6t2ty330w6sw4p69vchqh3zjd36yexjaq3k4tf2nj0sp1n7zvcdv5na2f22jr30eeddkb4cw0ca065cmzce2jv0rh56hr575n4paa0cfpg7dkn17vz5621d3jr06xnf7bw4b1s4sbvxq4662ek7r8371ydf9txjgwxxfggkn4t5e5b4jzb3fr6trd0t572wv7q2xaymp36gpgq8mtnwgpsywe3mfx029kcerg35cmp5gd25ryc1dda7kbt98hvvkhx56pnk7kwwk5et8x5zs5xnda7gctjd3x9pj9va1t16e6m5yvh9vx7sht875g36c183jaytcqgbhsb0601312bf&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkS20OwCKZYf7N9KI1wazjJq4AZDhgYRctqjCivACwI23ARABIABglaKkgrAHggEXY2EtcHViLTQ3NjY2NTYwNzUzNTI4MjTIAQmpAhFjhk5ReLI-qAMByAMCqgSZAk_Qc9zH2_Sz2GxxBDvhfUg5fnk2Q-IAdKxkGIR8ALGhKIfbcyr29s_2Rj5og1fDlZRepQNAjTSyZsIXKEqEX6SMuSfWqrK8z3KqRKdU4xadGQYzrmVNYv_jfW7jdsIEzHc-F_ZaeYxz9TLQ5DmXtatNOkguFdMVUhWvKF-_ODpnz3JD7ZDyJh7pNmlnLJ1FvFxap384kbk6OxYdfCJCRpB_DX8Hn_6eptLoozWo3oK_pfmeI9LOvTMLiG95FcuqZQlq7KIWVfAiRHI1yQKiiDkRl8BnfHCbEtSLiIoOeGsU8oQWC8GtyNByA2XNRH8LE-26QJC2l8mNH0XMLRtXUTcttcoaEZSxKxn0eFsADUHnNXLZkSWe30J1gAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl8rI0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1952ya8fZ910P_mJoyi5pP1WtiJQ%26client%3Dca-pub-4766656075352824%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=60&slotname=7656980933&adk=2977947412&adf=295265960&pi=t.ma~as.7656980933&w=468&lmt=1703542843&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843426&bpp=3&bdt=423&idt=212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&prev_slotnames=1117840744&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=297&ady=380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=214

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6caec999115371173469acb87b2ab1e2ac3648a637d0d1be0e3d0ff160d7ada

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83b47917cf822c53-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:20:44 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E23A 3 KB
1 KB 36ms
31ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5925
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 20:41:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D9FD 1 KB
643 B 23ms
23ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6050
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Tue, 26 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E23A 20 KB
8 KB 31ms
26ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 01:54:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E23A 0
0 33ms
32ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTqqEI_pQy0BgSst6sx4i76Px5UjWmffu1MEuydYQTFdb2Y-E72tzuw_ACiM21e6GDtSAX6Bx6qwp_jgEK5TgRMnw-tEw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=60&slotname=7656980933&adk=2977947412&adf=295265960&pi=t.ma~as.7656980933&w=468&lmt=1703542843&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843426&bpp=3&bdt=423&idt=212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&prev_slotnames=1117840744&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=297&ady=380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=214
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E23A 203 KB
64 KB 79ms
74ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 22:20:44 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame D9FD 0
104 B 255ms
114ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJJSn7SrM_QvpfbpmHyqQmc&google_cver=1&google_push=AXcoOmS4MB0gz9dXXKEKjuM5olcdixLT9IFRoelCKgE8vJGZHjpkiGQDvPLtykZ7n8BLsudfFP1xvyNvM4G5oM3mZJCZVmO_8BqVQQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=60&slotname=7656980933&adk=2977947412&adf=295265960&pi=t.ma~as.7656980933&w=468&lmt=1703542843&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843426&bpp=3&bdt=423&idt=212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&prev_slotnames=1117840744&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=297&ady=380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=214
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame D9FD
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESECwzUb3F-Y4xo26KiymTnEI&google_cver=1&google_push=AXcoOmRXNzQFIOUQu9Ab2LbxfNYgpbaNUQTCuwkBV9tyBEwFOcat4s54auX7ExsX_1-xDOQrtuxVzSqgUVr6rg91fpoJTffXnxtO&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECwzUb3F-Y4xo26KiymTnEI&google_cver=1&google_push=AXcoOmRXNzQFIOUQu9Ab2LbxfNYgpbaNUQTCuwkBV9tyBEwFOcat4s54auX7ExsX_1-xDOQrtuxVzSqgUVr6rg91fpoJTffXnxt...

43 B
422 B

181ms
181ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECwzUb3F-Y4xo26KiymTnEI&google_cver=1&google_push=AXcoOmRXNzQFIOUQu9Ab2LbxfNYgpbaNUQTCuwkBV9tyBEwFOcat4s54auX7ExsX_1-xDOQrtuxVzSqgUVr6rg91fpoJTffXnxtO&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRXNzQFIOUQu9Ab2LbxfNYgpbaNUQTCuwkBV9tyBEwFOcat4s54auX7ExsX_1-xDOQrtuxVzSqgUVr6rg91fpoJTffXnxtO%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=60&slotname=7656980933&adk=2977947412&adf=295265960&pi=t.ma~as.7656980933&w=468&lmt=1703542843&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843426&bpp=3&bdt=423&idt=212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&prev_slotnames=1117840744&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=297&ady=380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=214
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 83b479195a2f6ae7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 73
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECwzUb3F-Y4xo26KiymTnEI&google_cver=1&google_push=AXcoOmRXNzQFIOUQu9Ab2LbxfNYgpbaNUQTCuwkBV9tyBEwFOcat4s54auX7ExsX_1-xDOQrtuxVzSqgUVr6rg91fpoJTffXnxtO&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRXNzQFIOUQu9Ab2LbxfNYgpbaNUQTCuwkBV9tyBEwFOcat4s54auX7ExsX_1-xDOQrtuxVzSqgUVr6rg91fpoJTffXnxtO%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 83b47918491f6ae7-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D9FD
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJfRSbmEsqQt79jfPNkVANg&google_cver=1&google_push=AXcoOmQTWLdRaf6e-VXqspx8-qyuzuEfXcF7Igkp3fNT1uw0D8jL3IoFVTwil92-djjxk_WY-IwNqztrLpBgVM...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNjY2MDgwMjMxOTY3NzU4Mw%3D%3D&google_push=AXcoOmQTWLdRaf6e-VXqspx8-qyuzuEfXcF7Igkp3fNT1uw0D8jL3IoFVTwil92-djjxk_WY-IwNqztrLpBgVMOA6j...

170 B
232 B

32ms
32ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNjY2MDgwMjMxOTY3NzU4Mw%3D%3D&google_push=AXcoOmQTWLdRaf6e-VXqspx8-qyuzuEfXcF7Igkp3fNT1uw0D8jL3IoFVTwil92-djjxk_WY-IwNqztrLpBgVMOA6jV6nOsCStVkFA

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNjY2MDgwMjMxOTY3NzU4Mw%3D%3D&google_push=AXcoOmQTWLdRaf6e-VXqspx8-qyuzuEfXcF7Igkp3fNT1uw0D8jL3IoFVTwil92-djjxk_WY-IwNqztrLpBgVMOA6jV6nOsCStVkFA
Date: Mon, 25 Dec 2023 22:20:44 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 sync
x.bidswitch.net/ Frame D9FD 43 B
146 B 86ms
22ms Image
image/gif 3.122.189.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEO6trWI-guldHeDOwGcmPHA&google_cver=1&google_push=AXcoOmQzWKJ2u4M24qvS1TdXoHCDr7kvGjyxgxg1HXIaqeBmnPyC4QntVKYxTf54B3QA6wU3-LeqgrlAFvFfCdAeykAYL0CDa9hfcw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=60&slotname=7656980933&adk=2977947412&adf=295265960&pi=t.ma~as.7656980933&w=468&lmt=1703542843&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843426&bpp=3&bdt=423&idt=212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&prev_slotnames=1117840744&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=297&ady=380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=214
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.189.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-189-67.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D9FD
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENQwzrP3UmDf4dlMztywRoA&google_cver=1&google_push=AXcoOmSjR42XFW4pwnZv72TE3mHJ4JouNIjxEz8fuFwBmbDd4bE90ESyRkcgnlxlUeJJII9yq_Y7kx-1yKFqyZ3sJSeiweu...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSjR42XFW4pwnZv72TE3mHJ4JouNIjxEz8fuFwBmbDd4bE90ESyRkcgnlxlUeJJII9yq_Y7kx-1yKFqyZ3sJSeiweuU94Uh-w&google_hm=eS1jUWFtVkQxRTJwSFE0...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSjR42XFW4pwnZv72TE3mHJ4JouNIjxEz8fuFwBmbDd4bE90ESyRkcgnlxlUeJJII9yq_Y7kx-1yKFqyZ3sJSeiweuU94Uh-w&google_hm=eS1jUWFtVkQxRTJwSFE0UUt4dWxSUU1qTmdtbERpTWJrZX5B

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Dec 2023 22:20:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSjR42XFW4pwnZv72TE3mHJ4JouNIjxEz8fuFwBmbDd4bE90ESyRkcgnlxlUeJJII9yq_Y7kx-1yKFqyZ3sJSeiweuU94Uh-w&google_hm=eS1jUWFtVkQxRTJwSFE0UUt4dWxSUU1qTmdtbERpTWJrZX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D9FD
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEEhEOCQj0kxD5-OU3g9fgq0&google_cver=1&google_push=AXcoOmTxE2O-UbS2oLTqw56SYUglzdk5qGBl6aUmxpSi2TAN9kzPZkk4V9kLVw_shUQO1Av_Vh38MF17mX7By_bCB44slwG...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEhEOCQj0kxD5-OU3g9fgq0&google_cver=1&google_push=AXcoOmTxE2O-UbS2oLTqw56SYUglzdk5qGBl6aUmxpSi2TAN9kzPZkk4V9kLVw_shUQO1Av_Vh38MF17mX7By_bCB44sl...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTxE2O-UbS2oLTqw56SYUglzdk5qGBl6aUmxpSi2TAN9kzPZkk4V9kLVw_shUQO1Av_Vh38MF17mX7By_bCB44slwGvlZpGrQ

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTxE2O-UbS2oLTqw56SYUglzdk5qGBl6aUmxpSi2TAN9kzPZkk4V9kLVw_shUQO1Av_Vh38MF17mX7By_bCB44slwGvlZpGrQ

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTxE2O-UbS2oLTqw56SYUglzdk5qGBl6aUmxpSi2TAN9kzPZkk4V9kLVw_shUQO1Av_Vh38MF17mX7By_bCB44slwGvlZpGrQ
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D9FD
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEOu3gkDeS58RQ7c3m12tBLg&google_cver=1&google_push=AXcoOmREG23S0ToF8KFnpufdSAiuvRZRxuDKaNRXRkaNg2KyvjmRU0FmB-VKZSyRsBJjnOLoLY3rAczR6ANI...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmREG23S0ToF8KFnpufdSAiuvRZRxuDKaNRXRkaNg2KyvjmRU0FmB-VKZSyRsBJjnOLoLY3rAczR6ANIMtoquNWkXeugieUrSw

170 B
232 B

33ms
32ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmREG23S0ToF8KFnpufdSAiuvRZRxuDKaNRXRkaNg2KyvjmRU0FmB-VKZSyRsBJjnOLoLY3rAczR6ANIMtoquNWkXeugieUrSw

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmREG23S0ToF8KFnpufdSAiuvRZRxuDKaNRXRkaNg2KyvjmRU0FmB-VKZSyRsBJjnOLoLY3rAczR6ANIMtoquNWkXeugieUrSw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D9FD 0
49 B 49ms
31ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JOfzgutHXsd61LZ2ec-Km3GbxVjmo74jp2ieXchxcFUyT4OXnPe8EQhqy60T0qzJ7_93zr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame D1B9 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 335f5199689533613f48f8b9cdbdcf86ae2d804bb2848df70e2a8f4d599e0b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 250A 115 KB
14 KB 36ms
35ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hw3vrmg7y3h907x06syq4mwyfedv69f6q29wwdep3ssy6wpckwcb2exmbatkx9bxe51k5nf3v7d7xxpvewctzck76xdfv7ad59j0mc58zpdqhv0q48qpkpdawrd8mzq6saghhhc0rdj6kj33qhp8859scdbd6hv2pr4bt3mfk7n8mam213kghjxsrdt10537qn23f1q3hw6j4p3qfxq6smyq146tf8cxgwd6mkn4b8t052q3bmhnt3ngf66837er1yn7e13x4tmzv8vtt2h0dp7qbw7qyv678v7bt8tend0afbpkp2jy27st601kq3f0aq8r5ad80g6hkbdqgtzjzp047sjx4kj5pajyr4gfzhrh5n26vqtfjqkkyqfa3vdekdq3wwtjmjqt9f1adgj12wwrp6tpzmnkx65gyg32j7h41ehvq2bzqhg6dhdxkb0zvpk9q8pjr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi7XcOwCKZcX7N6jJmLAPjdea2AeQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEoAJP0NcqJtg55nB97JQdWA9hOfZx658I9BM70u2wKuatPeCCl73oqHIJb06E8gPpkN78w_jwiJCk6TbTFuxURvadFFk735Y2Wk8ry37wu_gpweFbfdBKj-lJ-tIIO4v0OTu9mPDxbvjTi2Y9xfZNZ91EzZsMWYOuzzUbVnoVIUWOzB7Kj_vTOYmYjm8iIy2SN5ZE8lZJ0ZOLnhW94Avz7-O-S4JAcrsJsnmcofKH-CkGLwNCfgt78QsqaBx7sERWmeAsR7aRqkTj87b5tuUm6WkwqB3B41GcZ0SU9dVxwxmN76BUUw1KjlemuLbvQA8hYhLg0vVocKaWOWpXA2gAdauO-Z4iKFGjfb57ZL6YKal3NH9r_i6di2F3Ur7hak8L7IqABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljCzsjQz6uDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1x-587HaxUC_6pOl6qHjyOystF2w%26client%3Dca-pub-4766656075352824%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hw3vrmg7y3h907x06syq4mwyfedv69f6q29wwdep3ssy6wpckwcb2exmbatkx9bxe51k5nf3v7d7xxpvewctzck76xdfv7ad59j0mc58zpdqhv0q48qpkpdawrd8mzq6saghhhc0rdj6kj33qhp8859scdbd6hv2pr4bt3mfk7n8mam213kghjxsrdt10537qn23f1q3hw6j4p3qfxq6smyq146tf8cxgwd6mkn4b8t052q3bmhnt3ngf66837er1yn7e13x4tmzv8vtt2h0dp7qbw7qyv678v7bt8tend0afbpkp2jy27st601kq3f0aq8r5ad80g6hkbdqgtzjzp047sjx4kj5pajyr4gfzhrh5n26vqtfjqkkyqfa3vdekdq3wwtjmjqt9f1adgj12wwrp6tpzmnkx65gyg32j7h41ehvq2bzqhg6dhdxkb0zvpk9q8pjr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi7XcOwCKZcX7N6jJmLAPjdea2AeQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEoAJP0NcqJtg55nB97JQdWA9hOfZx658I9BM70u2wKuatPeCCl73oqHIJb06E8gPpkN78w_jwiJCk6TbTFuxURvadFFk735Y2Wk8ry37wu_gpweFbfdBKj-lJ-tIIO4v0OTu9mPDxbvjTi2Y9xfZNZ91EzZsMWYOuzzUbVnoVIUWOzB7Kj_vTOYmYjm8iIy2SN5ZE8lZJ0ZOLnhW94Avz7-O-S4JAcrsJsnmcofKH-CkGLwNCfgt78QsqaBx7sERWmeAsR7aRqkTj87b5tuUm6WkwqB3B41GcZ0SU9dVxwxmN76BUUw1KjlemuLbvQA8hYhLg0vVocKaWOWpXA2gAdauO-Z4iKFGjfb57ZL6YKal3NH9r_i6di2F3Ur7hak8L7IqABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljCzsjQz6uDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1x-587HaxUC_6pOl6qHjyOystF2w%26client%3Dca-pub-4766656075352824%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2313042
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PD7TVwSqbaaFqFke3pjv1qu1ga0alzMCBuc2TeIcaevwAIMXSzmoaVG2S%2BCBgDQkwFgTKuhc797CWFeY5P6k2Cr2Rb%2BX1YN%2Fx7ZQ1c%2FwxhgSrd9ftylSA%2FwQpn5UwZIuz6d76uUHXNc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 83b479182fb62c53-FRA
expires: Tue, 26 Dec 2023 22:20:44 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 250A 24 KB
10 KB 37ms
36ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hw3vrmg7y3h907x06syq4mwyfedv69f6q29wwdep3ssy6wpckwcb2exmbatkx9bxe51k5nf3v7d7xxpvewctzck76xdfv7ad59j0mc58zpdqhv0q48qpkpdawrd8mzq6saghhhc0rdj6kj33qhp8859scdbd6hv2pr4bt3mfk7n8mam213kghjxsrdt10537qn23f1q3hw6j4p3qfxq6smyq146tf8cxgwd6mkn4b8t052q3bmhnt3ngf66837er1yn7e13x4tmzv8vtt2h0dp7qbw7qyv678v7bt8tend0afbpkp2jy27st601kq3f0aq8r5ad80g6hkbdqgtzjzp047sjx4kj5pajyr4gfzhrh5n26vqtfjqkkyqfa3vdekdq3wwtjmjqt9f1adgj12wwrp6tpzmnkx65gyg32j7h41ehvq2bzqhg6dhdxkb0zvpk9q8pjr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi7XcOwCKZcX7N6jJmLAPjdea2AeQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEoAJP0NcqJtg55nB97JQdWA9hOfZx658I9BM70u2wKuatPeCCl73oqHIJb06E8gPpkN78w_jwiJCk6TbTFuxURvadFFk735Y2Wk8ry37wu_gpweFbfdBKj-lJ-tIIO4v0OTu9mPDxbvjTi2Y9xfZNZ91EzZsMWYOuzzUbVnoVIUWOzB7Kj_vTOYmYjm8iIy2SN5ZE8lZJ0ZOLnhW94Avz7-O-S4JAcrsJsnmcofKH-CkGLwNCfgt78QsqaBx7sERWmeAsR7aRqkTj87b5tuUm6WkwqB3B41GcZ0SU9dVxwxmN76BUUw1KjlemuLbvQA8hYhLg0vVocKaWOWpXA2gAdauO-Z4iKFGjfb57ZL6YKal3NH9r_i6di2F3Ur7hak8L7IqABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljCzsjQz6uDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1x-587HaxUC_6pOl6qHjyOystF2w%26client%3Dca-pub-4766656075352824%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 479154
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKbeU%2FDj39rLVNFvndiZaaDPeOZD1QEM%2BeSnQ5LVgFSODIsBgqKLiVqHmQw9o1M%2BLX0s3nOsRdkab1LtxUZ0zx1trHUU0PZzqog%2FpJUIFmKCpxNMyy5mnh1LBi7bWDvCbmLA0U4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 83b479182fb82c53-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:16:49 GMT

GET
DATA 200
OK truncated
/ Frame E23A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1e1d00090b8cfaf4291f7ec7d5e3e80a121a0f1044f005c005c92b1b082295c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 18E1 115 KB
13 KB 39ms
39ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kpdr3t7he17zy2tx283nd7kak1mkqfw4g7brwkzpzhry3vt7derkk418148cc4131fjrzzhtqg6sb9zj8rr8mq70d69mhsf2a8gvpnk1pvkq4cbp6t2ty330w6sw4p69vchqh3zjd36yexjaq3k4tf2nj0sp1n7zvcdv5na2f22jr30eeddkb4cw0ca065cmzce2jv0rh56hr575n4paa0cfpg7dkn17vz5621d3jr06xnf7bw4b1s4sbvxq4662ek7r8371ydf9txjgwxxfggkn4t5e5b4jzb3fr6trd0t572wv7q2xaymp36gpgq8mtnwgpsywe3mfx029kcerg35cmp5gd25ryc1dda7kbt98hvvkhx56pnk7kwwk5et8x5zs5xnda7gctjd3x9pj9va1t16e6m5yvh9vx7sht875g36c183jaytcqgbhsb0601312bf&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkS20OwCKZYf7N9KI1wazjJq4AZDhgYRctqjCivACwI23ARABIABglaKkgrAHggEXY2EtcHViLTQ3NjY2NTYwNzUzNTI4MjTIAQmpAhFjhk5ReLI-qAMByAMCqgSZAk_Qc9zH2_Sz2GxxBDvhfUg5fnk2Q-IAdKxkGIR8ALGhKIfbcyr29s_2Rj5og1fDlZRepQNAjTSyZsIXKEqEX6SMuSfWqrK8z3KqRKdU4xadGQYzrmVNYv_jfW7jdsIEzHc-F_ZaeYxz9TLQ5DmXtatNOkguFdMVUhWvKF-_ODpnz3JD7ZDyJh7pNmlnLJ1FvFxap384kbk6OxYdfCJCRpB_DX8Hn_6eptLoozWo3oK_pfmeI9LOvTMLiG95FcuqZQlq7KIWVfAiRHI1yQKiiDkRl8BnfHCbEtSLiIoOeGsU8oQWC8GtyNByA2XNRH8LE-26QJC2l8mNH0XMLRtXUTcttcoaEZSxKxn0eFsADUHnNXLZkSWe30J1gAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl8rI0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1952ya8fZ910P_mJoyi5pP1WtiJQ%26client%3Dca-pub-4766656075352824%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kpdr3t7he17zy2tx283nd7kak1mkqfw4g7brwkzpzhry3vt7derkk418148cc4131fjrzzhtqg6sb9zj8rr8mq70d69mhsf2a8gvpnk1pvkq4cbp6t2ty330w6sw4p69vchqh3zjd36yexjaq3k4tf2nj0sp1n7zvcdv5na2f22jr30eeddkb4cw0ca065cmzce2jv0rh56hr575n4paa0cfpg7dkn17vz5621d3jr06xnf7bw4b1s4sbvxq4662ek7r8371ydf9txjgwxxfggkn4t5e5b4jzb3fr6trd0t572wv7q2xaymp36gpgq8mtnwgpsywe3mfx029kcerg35cmp5gd25ryc1dda7kbt98hvvkhx56pnk7kwwk5et8x5zs5xnda7gctjd3x9pj9va1t16e6m5yvh9vx7sht875g36c183jaytcqgbhsb0601312bf&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkS20OwCKZYf7N9KI1wazjJq4AZDhgYRctqjCivACwI23ARABIABglaKkgrAHggEXY2EtcHViLTQ3NjY2NTYwNzUzNTI4MjTIAQmpAhFjhk5ReLI-qAMByAMCqgSZAk_Qc9zH2_Sz2GxxBDvhfUg5fnk2Q-IAdKxkGIR8ALGhKIfbcyr29s_2Rj5og1fDlZRepQNAjTSyZsIXKEqEX6SMuSfWqrK8z3KqRKdU4xadGQYzrmVNYv_jfW7jdsIEzHc-F_ZaeYxz9TLQ5DmXtatNOkguFdMVUhWvKF-_ODpnz3JD7ZDyJh7pNmlnLJ1FvFxap384kbk6OxYdfCJCRpB_DX8Hn_6eptLoozWo3oK_pfmeI9LOvTMLiG95FcuqZQlq7KIWVfAiRHI1yQKiiDkRl8BnfHCbEtSLiIoOeGsU8oQWC8GtyNByA2XNRH8LE-26QJC2l8mNH0XMLRtXUTcttcoaEZSxKxn0eFsADUHnNXLZkSWe30J1gAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl8rI0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1952ya8fZ910P_mJoyi5pP1WtiJQ%26client%3Dca-pub-4766656075352824%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2313042
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOMTzJ2MdFwPRWYp7QY7qwb5KIEIYj34RmCo6BZqRDb6gE0wpKYp3xIgu3kxOrY88ZsBqf%2F3F%2BNfgCOu8vtTiTzMjg3%2FBsL1zBhNMMOYfyaIGDFtVwnmA%2B9s0kZupCpSHLECzRHwFZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 83b479182fb92c53-FRA
expires: Tue, 26 Dec 2023 22:20:44 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 18E1 24 KB
9 KB 37ms
36ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kpdr3t7he17zy2tx283nd7kak1mkqfw4g7brwkzpzhry3vt7derkk418148cc4131fjrzzhtqg6sb9zj8rr8mq70d69mhsf2a8gvpnk1pvkq4cbp6t2ty330w6sw4p69vchqh3zjd36yexjaq3k4tf2nj0sp1n7zvcdv5na2f22jr30eeddkb4cw0ca065cmzce2jv0rh56hr575n4paa0cfpg7dkn17vz5621d3jr06xnf7bw4b1s4sbvxq4662ek7r8371ydf9txjgwxxfggkn4t5e5b4jzb3fr6trd0t572wv7q2xaymp36gpgq8mtnwgpsywe3mfx029kcerg35cmp5gd25ryc1dda7kbt98hvvkhx56pnk7kwwk5et8x5zs5xnda7gctjd3x9pj9va1t16e6m5yvh9vx7sht875g36c183jaytcqgbhsb0601312bf&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkS20OwCKZYf7N9KI1wazjJq4AZDhgYRctqjCivACwI23ARABIABglaKkgrAHggEXY2EtcHViLTQ3NjY2NTYwNzUzNTI4MjTIAQmpAhFjhk5ReLI-qAMByAMCqgSZAk_Qc9zH2_Sz2GxxBDvhfUg5fnk2Q-IAdKxkGIR8ALGhKIfbcyr29s_2Rj5og1fDlZRepQNAjTSyZsIXKEqEX6SMuSfWqrK8z3KqRKdU4xadGQYzrmVNYv_jfW7jdsIEzHc-F_ZaeYxz9TLQ5DmXtatNOkguFdMVUhWvKF-_ODpnz3JD7ZDyJh7pNmlnLJ1FvFxap384kbk6OxYdfCJCRpB_DX8Hn_6eptLoozWo3oK_pfmeI9LOvTMLiG95FcuqZQlq7KIWVfAiRHI1yQKiiDkRl8BnfHCbEtSLiIoOeGsU8oQWC8GtyNByA2XNRH8LE-26QJC2l8mNH0XMLRtXUTcttcoaEZSxKxn0eFsADUHnNXLZkSWe30J1gAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl8rI0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1952ya8fZ910P_mJoyi5pP1WtiJQ%26client%3Dca-pub-4766656075352824%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 479154
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCjdnXpapYr%2BeygHInwal4%2FSvDYjbKr9FDCKkYjrKDWdMihBp7cqTl6ScErIzwYufZsvXHR4R61vViSZBjTcnYL0WrgBz4Z%2B3RVfQnqnXGosSEicSPBejn1AzjvBXt3sMhLev2g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 83b479182fba2c53-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:16:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 766B 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=90&slotname=1117840744&adk=1721480579&adf=767381939&pi=t.ma~as.1117840744&w=728&lmt=1703542843&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843424&bpp=2&bdt=422&idt=207&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=612&ady=42&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5925
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 20:41:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 766B 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 01:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 766B 0
0 31ms
30ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSeVyV1Io39XIPQOAlPwdjmXZrx9l6xM0imfWB0n0pd6R6rhTQThym4rx2w1jDrhMXqM_y1o3p9i365siW6g2IAV_JmsA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=90&slotname=1117840744&adk=1721480579&adf=767381939&pi=t.ma~as.1117840744&w=728&lmt=1703542843&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843424&bpp=2&bdt=422&idt=207&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=612&ady=42&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=210
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 766B 203 KB
64 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 22:20:44 GMT

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 0818 2 KB
3 KB 46ms
45ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hn2hhr1pspvrhxqk6054hz2e79c3hdj76rx21kpad2jh85hxc4j5cm2nmx569mjt8b4v7naag1ram21j6xkhd6e8tfcza4hp8fevf5p170a8rjq92meptebvs7zv2635w24vm5js2w2an10cpjr6xy081h66r4ycshnzvteqk23q5fazgdt6235ymz4hz7cvfvn24xd3yqpnd8wwnyf3ydx215jx0tnqnx7jqr7fekpb0sgr61ntkxakt8aze1fch69qpszr9vmf5555tbjzf9xc0d3w3ky33yjaa801gh9chxevw8fbvct8pv6j9hy00gm4n9qf4gs3t9era7cxzn82gw0b6brqeerg73v2e773awss21t6mvr6z14x0et6kr5j9ngace4md2vy4y62chwfhd3y4y9pbrcjxd0hv0f4k1ped82v5hac2sp11szw82q5tfc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjabNOwCKZaHiN4vE9u8Pr7eS4AOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmQJP0GDVPx2-HIFJ4_DO5-AZ_Usvc1Ew0hF0ShpGECcspFxlQ6y-VX-86iEBa9ifQJ_bCcqFSwqY10bA9bzv_qgSUmSUZVwo1e1eA8kOzu1IgssZ_t5HtJYmmpZW8ZHNsXW4xWWv1o1bKb96jH-zNs0Z0H98ldBKn2DViwdPEeeZcOh8UFKp-aninbmIQ8EbRhsDrZ2mbnftNvWDgjFtvTDtRZsP9z4X2xtHhsQrdzUVX7F7MEUBck3jRbAy7fq5rthigWu4cvjq4OCg6YbiKcu6N6G7Ib8DgzwjAky94ehuO6FV2z8dKrK2to9PQAh95leMaVZhJAlukTxUh1BJ6Eo5UQUXE-6bP7FbaheVhlmgPxlxi8X0aeibnYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPvFyNDPq4MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Sv86g3e0VJzP1tbgCWTF9HmFMcg%26client%3Dca-pub-4766656075352824%26adurl%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e245e083dcdc9766e07d8c0da497ffc3ced808600efd24ebc1bfbe7f00cc14d1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83b47918aaac6ab8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:20:44 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0462 1 KB
643 B 22ms
22ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6050
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Tue, 26 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 5CC6 2 KB
3 KB 46ms
45ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1g3548v11szq27s4e8antfrek2765b002nvdt0v52xgcm7cp32dky51xbts1ay6hmc0hjekr5e8xrzsdb4vsrkqcwrmg0cz9fj7z2d2rf1wrn9wyv6hjhp6q727mrkkwew3tqfyn8ss2geqch6wctstrz2k18d3yrmmgdp4x4zzh1h78762y9w0b8rnma7379nwayw6x5whv2pg5r933zwtejsnrsj4vqbfba8487pthqvfgj79h65rndf2rfxcy13w9pp9c71x4x6zpkxvnhth12esep9b43786z5r59mwqhbte67gx7p5yqedf2t5vdx79yscc2qkjek0qf2j2f2b2795nnx9hbe5sdjngrrw74cm4ft5j5fmrpa83h6hny977crcsf9008nzktjqwn8739pyps3ye9q96sd4j8cbc052dvsntg43skrhm8zw4dr686jgr28&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGp0UOwCKZb-3OJyTmLAPkJa0wAOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0JuNx3sOuOU3Tz258PPZQ--bzVpbxonUTlMnbypF_XTZygKfOxLfZYuzG74SZSM3kz_DdSfJFIWoF8AMxb0BQyITDZ0nxnxwIdzMZBlslCKrQNtzmfbaTCcyku8zDG38Xw1mGMSOEjOJtqsXT-bysHncurfEEF8UMR3cqzlruX-Qk3VNtMcpgZC0DmeiUS5a9mpbMj-smGfIBB4zrB7nGqwZJEaioDRnVVCKaLZoNrHOoCHmi0ugClMeKqH3ZlbEjQ_ly5DEKc1PbhtFenRO76RBV3PxF2CbDpRcxpA9AD75fsXqE0-r4gPlawJ1wqPcw6c8_zgTctga1hZYoF9FJV1tX6bzoF6sWP9yXa3nUHpq8XhcuwE0IDeABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYpYbJ0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1I93El2lPjZx4jNcyAVHzTNSYykg%26client%3Dca-pub-4766656075352824%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=600&slotname=1019247609&adk=1564824845&adf=2530054453&pi=t.ma~as.1019247609&w=300&lmt=1703542843&format=300x600&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843438&bpp=2&bdt=436&idt=212&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=1117840744%2C7656980933&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=214

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5011a13ddf5492c03cb7fd578a70b42bd1d1c4e97ccd7e368d2eb88830dea6a5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83b47918cacc6ab8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:20:44 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A17C 3 KB
1 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5925
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 20:41:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F235 1 KB
643 B 23ms
22ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6050
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Tue, 26 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A17C 20 KB
8 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 01:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A17C 0
0 34ms
32ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQDVGaR85nBNxE56yyD8aUia6_b5sR_S-zTIm__9jJXMxXJLdBndDQVPYlZunXUIeEEVbu_Hmpif1OAO34I1KgTdgSz0Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=600&slotname=1019247609&adk=1564824845&adf=2530054453&pi=t.ma~as.1019247609&w=300&lmt=1703542843&format=300x600&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843438&bpp=2&bdt=436&idt=212&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=1117840744%2C7656980933&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=214
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A17C 203 KB
64 KB 65ms
63ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 22:20:44 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 18E1 350 B
915 B 104ms
38ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3060091
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uj657u7jGitUA%2B6UVSAAri6XzC4jEvYly%2FGBJDFGxOEiVkAZ8Gux%2BOukE0Ym8iuNA%2B%2FTSfrpcj2pHRBNeYX3eRusBVNJqzupMNu%2FS8OWeVn0l%2FzqC4Aaxyh3jjjPCO1fMd3O3l8JBxlrFCvPbLyCsvKZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b479193881368c-FRA
expires: Tue, 19 Nov 2024 11:23:05 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 250A 350 B
635 B 120ms
54ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3060091
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgzpO7iFL0fYISd6VGL%2FmC2h20z9wYXHzawtOA7Y2tDWT0PFIf1FotAXU5lAyfoxZFlZ0AbKXl5Gya6WKjVZ6Hhy9P5jTKLSbS149Yy%2F4VQH4S2JJiarJeiV1umTdY4PTY3owzccPYPw42b%2F3aSafvib"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b479193884368c-FRA
expires: Tue, 19 Nov 2024 11:23:05 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 431D 2 KB
1 KB 36ms
35ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2227931
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 83b47918dad66ab8-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Mon, 25 Dec 2023 22:20:44 GMT
expires: Thu, 30 Nov 2023 03:29:52 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnxqYz6xaCSGeI5PjFbQiPBK3Z%2B0S6j4AchTAd9tv34CgYQ3ZWza7xBHpK%2FodoD9vXJ%2FFKJ%2BEkRhj%2Bo21kIUEkDksaKrEIE3ZsKX3AkdLzsPJFHfh7vqPNoZxPJesmC9akqSlJs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 26A9 2 KB
1 KB 33ms
33ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2227931
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 83b47918dad86ab8-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Mon, 25 Dec 2023 22:20:44 GMT
expires: Thu, 30 Nov 2023 03:29:52 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFKhoe96eU7sSkc1ff7Q229l3p9oHMuPO4oUkdWRwp7xHFgL5JK275Jb6Gta65InFB3nw4oh3kl6WLjTdXEyuX6ayqucTulrvMtPlc5kmMdDz9GTCo8y%2FgXBOkQZJQBetx5sSJk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 766B 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b00b9f7b7b1b0d4cd4b4ac5262e90332f971fe5382eb49718d708cca735f876

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0462
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEA92xqtt1QsqzaG-2JmrVxk&google_cver=1&google_push=AXcoOmTlb3niHsFEgYTD2N5C_PIpOBvpfIjRv_4CQag131q97zf-VTDnTxZMWRXrAH7A3ifTb5WuTlOlsIRqwQ7BeFD-_qlI6yQUfTbZ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTEwOTIwODkyNzExNjc1MzM3Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBEM92jLhx9LsRT_OVRLGrA&google_cver=1

43 B
398 B

120ms
80ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBEM92jLhx9LsRT_OVRLGrA&google_cver=1
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBEM92jLhx9LsRT_OVRLGrA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 0462 0
103 B 83ms
82ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFsqsFJ_0Nt3dLCyWVa5sug&google_cver=1&google_push=AXcoOmQ20Hfa8rYscW_dR25fCly1-QPyolJc8dPVq1Xx85E5RGjrlsFTff1CqxwIAyyYi5rYodI9kROVhhLQD9nndVzFQyFGsws468Ph
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=90&slotname=1117840744&adk=1721480579&adf=767381939&pi=t.ma~as.1117840744&w=728&lmt=1703542843&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843424&bpp=2&bdt=422&idt=207&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=612&ady=42&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=210
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0462
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEI-IFE7xwwy0AZuscS-Ai4w&google_cver=1&google_push=AXcoOmRC_9A-wLWe0ukcDQRBKVPx_FWgeCn2ERWv97nbb62mVmxg284JAvBY2h3vkEkB3Y9UzQCBcGcST1s9deVzflahNKAb-Xt_cvHv
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01F855ECA5EA4A1297B4233D9DAB710C&google_push=AXcoOmRC_9A-wLWe0ukcDQRBKVPx_FWgeCn2ERWv97nbb62mVmxg284JAvBY2h3vkEkB3Y9UzQCBcGcST1s9deV...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01F855ECA5EA4A1297B4233D9DAB710C&google_push=AXcoOmRC_9A-wLWe0ukcDQRBKVPx_FWgeCn2ERWv97nbb62mVmxg284JAvBY2h3vkEkB3Y9UzQCBcGcST1s9deVzflahNKAb-Xt_cvHv

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Dec 2023 22:20:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01F855ECA5EA4A1297B4233D9DAB710C&google_push=AXcoOmRC_9A-wLWe0ukcDQRBKVPx_FWgeCn2ERWv97nbb62mVmxg284JAvBY2h3vkEkB3Y9UzQCBcGcST1s9deVzflahNKAb-Xt_cvHv
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 24 Dec 2023 22:20:44 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0462
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMUk16-b0JK0dFmkgDjGWl4&google_cver=1&google_push=AXcoOmRtE_PJC-dfl7IRvXt0cytsr2S31p1SWN7Fw3mJs4ze0qj4QyL1N2lr5BiwmQHZX3f_9CzuG0r61q4...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRtE_PJC-dfl7IRvXt0cytsr2S31p1SWN7Fw3mJs4ze0qj4QyL1N2lr5BiwmQHZX3f_9CzuG0r61q41BjcOl9cwndwyhOu4rIeL&google_hm=lSqW5uHLSfOJZByO...

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRtE_PJC-dfl7IRvXt0cytsr2S31p1SWN7Fw3mJs4ze0qj4QyL1N2lr5BiwmQHZX3f_9CzuG0r61q41BjcOl9cwndwyhOu4rIeL&google_hm=lSqW5uHLSfOJZByO-w6buoM

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:43 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRtE_PJC-dfl7IRvXt0cytsr2S31p1SWN7Fw3mJs4ze0qj4QyL1N2lr5BiwmQHZX3f_9CzuG0r61q41BjcOl9cwndwyhOu4rIeL&google_hm=lSqW5uHLSfOJZByO-w6buoM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0462
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJSfQpcePKbTsPQjZie7i9w&google_cver=1&google_push=AXcoOmTAuOJdMBO8VF0f5PX36KMk5fGCsdgYOX_knf72dbNNddbLd0muV4OACEVdthBeB2yfdwasKrVbuSB839K7...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wDmCHZkYTTg9lMsQKcnesQ&google_push=AXcoOmTAuOJdMBO8VF0f5PX36KMk5fGCsdgYOX_knf72dbNNddbLd0muV4OACEVdthBeB2yfdwasKrVbuSB839K7iZcHfpsxFmEbjjKa

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wDmCHZkYTTg9lMsQKcnesQ&google_push=AXcoOmTAuOJdMBO8VF0f5PX36KMk5fGCsdgYOX_knf72dbNNddbLd0muV4OACEVdthBeB2yfdwasKrVbuSB839K7iZcHfpsxFmEbjjKa

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Dec 2023 22:20:44 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=wDmCHZkYTTg9lMsQKcnesQ&google_push=AXcoOmTAuOJdMBO8VF0f5PX36KMk5fGCsdgYOX_knf72dbNNddbLd0muV4OACEVdthBeB2yfdwasKrVbuSB839K7iZcHfpsxFmEbjjKa
x-host: tde-deliveryengine-production-59dc4ccdb-lsjsj
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 0462 43 B
145 B 24ms
23ms Image
image/gif 3.122.189.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKJrQPZVPQiSpHmgtVsoPdc&google_cver=1&google_push=AXcoOmT_pn5rU6v6wTCcmbYB_77AIUSDVrXeVj8emjMmWXodnwsXRNJ-uSb3V-0drCkTPClgj08bNYUnkbHNNN2WtBUJVvX83rH_Hn4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=90&slotname=1117840744&adk=1721480579&adf=767381939&pi=t.ma~as.1117840744&w=728&lmt=1703542843&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843424&bpp=2&bdt=422&idt=207&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=612&ady=42&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=210
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.189.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-189-67.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0462
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEO5Lubl8grd7YXVlngBBixI&google_cver=1&google_push=AXcoOmSyddhNS0ydzOM2quet0NT04vatLY387BGJFmjkYukqMo8JRa8Ucsp6l_AZW8g11Zw5uiZkLRdrX0OUoObTR0rohfw...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSyddhNS0ydzOM2quet0NT04vatLY387BGJFmjkYukqMo8JRa8Ucsp6l_AZW8g11Zw5uiZkLRdrX0OUoObTR0rohfwQUeDU4KPB

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSyddhNS0ydzOM2quet0NT04vatLY387BGJFmjkYukqMo8JRa8Ucsp6l_AZW8g11Zw5uiZkLRdrX0OUoObTR0rohfwQUeDU4KPB

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSyddhNS0ydzOM2quet0NT04vatLY387BGJFmjkYukqMo8JRa8Ucsp6l_AZW8g11Zw5uiZkLRdrX0OUoObTR0rohfwQUeDU4KPB
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0462 0
12 B 31ms
31ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JT-EKUSEjWgL2Z9y6xiUeVVcr_kBOvCVL12cVgC-MSnoSMwKa5Z0CmB-WThli6WkxIVfu9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 0818 115 KB
14 KB 40ms
39ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hn2hhr1pspvrhxqk6054hz2e79c3hdj76rx21kpad2jh85hxc4j5cm2nmx569mjt8b4v7naag1ram21j6xkhd6e8tfcza4hp8fevf5p170a8rjq92meptebvs7zv2635w24vm5js2w2an10cpjr6xy081h66r4ycshnzvteqk23q5fazgdt6235ymz4hz7cvfvn24xd3yqpnd8wwnyf3ydx215jx0tnqnx7jqr7fekpb0sgr61ntkxakt8aze1fch69qpszr9vmf5555tbjzf9xc0d3w3ky33yjaa801gh9chxevw8fbvct8pv6j9hy00gm4n9qf4gs3t9era7cxzn82gw0b6brqeerg73v2e773awss21t6mvr6z14x0et6kr5j9ngace4md2vy4y62chwfhd3y4y9pbrcjxd0hv0f4k1ped82v5hac2sp11szw82q5tfc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjabNOwCKZaHiN4vE9u8Pr7eS4AOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmQJP0GDVPx2-HIFJ4_DO5-AZ_Usvc1Ew0hF0ShpGECcspFxlQ6y-VX-86iEBa9ifQJ_bCcqFSwqY10bA9bzv_qgSUmSUZVwo1e1eA8kOzu1IgssZ_t5HtJYmmpZW8ZHNsXW4xWWv1o1bKb96jH-zNs0Z0H98ldBKn2DViwdPEeeZcOh8UFKp-aninbmIQ8EbRhsDrZ2mbnftNvWDgjFtvTDtRZsP9z4X2xtHhsQrdzUVX7F7MEUBck3jRbAy7fq5rthigWu4cvjq4OCg6YbiKcu6N6G7Ib8DgzwjAky94ehuO6FV2z8dKrK2to9PQAh95leMaVZhJAlukTxUh1BJ6Eo5UQUXE-6bP7FbaheVhlmgPxlxi8X0aeibnYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPvFyNDPq4MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Sv86g3e0VJzP1tbgCWTF9HmFMcg%26client%3Dca-pub-4766656075352824%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hn2hhr1pspvrhxqk6054hz2e79c3hdj76rx21kpad2jh85hxc4j5cm2nmx569mjt8b4v7naag1ram21j6xkhd6e8tfcza4hp8fevf5p170a8rjq92meptebvs7zv2635w24vm5js2w2an10cpjr6xy081h66r4ycshnzvteqk23q5fazgdt6235ymz4hz7cvfvn24xd3yqpnd8wwnyf3ydx215jx0tnqnx7jqr7fekpb0sgr61ntkxakt8aze1fch69qpszr9vmf5555tbjzf9xc0d3w3ky33yjaa801gh9chxevw8fbvct8pv6j9hy00gm4n9qf4gs3t9era7cxzn82gw0b6brqeerg73v2e773awss21t6mvr6z14x0et6kr5j9ngace4md2vy4y62chwfhd3y4y9pbrcjxd0hv0f4k1ped82v5hac2sp11szw82q5tfc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjabNOwCKZaHiN4vE9u8Pr7eS4AOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmQJP0GDVPx2-HIFJ4_DO5-AZ_Usvc1Ew0hF0ShpGECcspFxlQ6y-VX-86iEBa9ifQJ_bCcqFSwqY10bA9bzv_qgSUmSUZVwo1e1eA8kOzu1IgssZ_t5HtJYmmpZW8ZHNsXW4xWWv1o1bKb96jH-zNs0Z0H98ldBKn2DViwdPEeeZcOh8UFKp-aninbmIQ8EbRhsDrZ2mbnftNvWDgjFtvTDtRZsP9z4X2xtHhsQrdzUVX7F7MEUBck3jRbAy7fq5rthigWu4cvjq4OCg6YbiKcu6N6G7Ib8DgzwjAky94ehuO6FV2z8dKrK2to9PQAh95leMaVZhJAlukTxUh1BJ6Eo5UQUXE-6bP7FbaheVhlmgPxlxi8X0aeibnYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPvFyNDPq4MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Sv86g3e0VJzP1tbgCWTF9HmFMcg%26client%3Dca-pub-4766656075352824%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2313042
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vA7hFKriRaOJ7U9ho%2BBY495OKnQcEPz1ofo33vGLAeotqQtdpXTiy4p7kDRhC%2Fxr5aRws4BFp33bo%2FC3%2BmzbMIelwKS8n0hkkNx1Z3yeMZROeRZFFAg7inPBLlijoGUVHH1O9u%2ByKzw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 83b479190b076ab8-FRA
expires: Tue, 26 Dec 2023 22:20:44 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 0818 24 KB
10 KB 34ms
34ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hn2hhr1pspvrhxqk6054hz2e79c3hdj76rx21kpad2jh85hxc4j5cm2nmx569mjt8b4v7naag1ram21j6xkhd6e8tfcza4hp8fevf5p170a8rjq92meptebvs7zv2635w24vm5js2w2an10cpjr6xy081h66r4ycshnzvteqk23q5fazgdt6235ymz4hz7cvfvn24xd3yqpnd8wwnyf3ydx215jx0tnqnx7jqr7fekpb0sgr61ntkxakt8aze1fch69qpszr9vmf5555tbjzf9xc0d3w3ky33yjaa801gh9chxevw8fbvct8pv6j9hy00gm4n9qf4gs3t9era7cxzn82gw0b6brqeerg73v2e773awss21t6mvr6z14x0et6kr5j9ngace4md2vy4y62chwfhd3y4y9pbrcjxd0hv0f4k1ped82v5hac2sp11szw82q5tfc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjabNOwCKZaHiN4vE9u8Pr7eS4AOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmQJP0GDVPx2-HIFJ4_DO5-AZ_Usvc1Ew0hF0ShpGECcspFxlQ6y-VX-86iEBa9ifQJ_bCcqFSwqY10bA9bzv_qgSUmSUZVwo1e1eA8kOzu1IgssZ_t5HtJYmmpZW8ZHNsXW4xWWv1o1bKb96jH-zNs0Z0H98ldBKn2DViwdPEeeZcOh8UFKp-aninbmIQ8EbRhsDrZ2mbnftNvWDgjFtvTDtRZsP9z4X2xtHhsQrdzUVX7F7MEUBck3jRbAy7fq5rthigWu4cvjq4OCg6YbiKcu6N6G7Ib8DgzwjAky94ehuO6FV2z8dKrK2to9PQAh95leMaVZhJAlukTxUh1BJ6Eo5UQUXE-6bP7FbaheVhlmgPxlxi8X0aeibnYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPvFyNDPq4MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Sv86g3e0VJzP1tbgCWTF9HmFMcg%26client%3Dca-pub-4766656075352824%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 479154
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPvyCZmPZzAtkP02quNXJTPokkvWt12m45ayFmz8%2F%2FaCrrivvIz2N0lIZJ4IyoVWid0JD4tPlfgwURyjI6tq%2F9%2FObRlWxUS8HFYeNhftL9PqWQNU6Z1SkAvQ3pCXctgYlw5OqAo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 83b479190b096ab8-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:16:49 GMT

GET
DATA 200
OK truncated
/ Frame A17C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7516fcd05d5305d8d6b04e05a3fcd0ba71fdafd81705506f1d32e075368c76e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame F235 35 B
463 B 80ms
24ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHwz2dSWkYJOfFvaXTArtfw&google_cver=1&google_push=AXcoOmTf_jQW_nVwppL22fVOB5_ISAwGzeNXuah7ZGmwMFUPy6eQMdkp2P8_gxpM-pPR7-qe3MWXqgIDXCK4N68P0AMyyjv2rALQTQk

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F235
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHjttGetb-wajNkBVF9k2CU&google_push=AXcoOmQ2ZmW0rdFb1t4ra5xENGQ_0PF8ygjoxnrYtnh8M0gOi_wBUa3ug4...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHjttGetb-wajNkBVF9k2CU&google_push=AXcoOmQ2ZmW0rdFb1t4ra5xENGQ_0PF8ygjoxnrYtnh8M0gOi_wBUa3ug47v8hYKLYkhzSgnT4eEe2Xm1EnEdG3SiukiYd7ZY3Ft5x0

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-cph2320056-CPH
pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1703542844.345050,VS0,VE95
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHjttGetb-wajNkBVF9k2CU&google_push=AXcoOmQ2ZmW0rdFb1t4ra5xENGQ_0PF8ygjoxnrYtnh8M0gOi_wBUa3ug47v8hYKLYkhzSgnT4eEe2Xm1EnEdG3SiukiYd7ZY3Ft5x0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame F235 0
187 B 126ms
32ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEJK_Qs15rse25rPDStTeXzk&google_cver=1&google_push=AXcoOmRxIn0gQTEZsJQwYqMif-BEprQSQj2_ZJlGFe0NUtt8nl9hq6wDYSm5sV7Y-w_aCXq0lRU8s7KM2sr3vaIt-yIMahbf1b6dN4E
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=600&slotname=1019247609&adk=1564824845&adf=2530054453&pi=t.ma~as.1019247609&w=300&lmt=1703542843&format=300x600&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843438&bpp=2&bdt=436&idt=212&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=1117840744%2C7656980933&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=214
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Mon, 25 Dec 2023 22:20:43 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F235
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEMM1ynAdlxCPsqcG-6NyaBg&google_cver=1&google_push=AXcoOmQMBPRNABWslF6jBIcVWQxNS8ZU-0saoL4NUB08lOr47Iuf1YXgct7HRSakZK86F13YPpVOgbqCc9QJyHMz31q8qjdj40rVQoU
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQMBPRNABWslF6jBIcVWQxNS8ZU-0saoL4NUB08lOr47Iuf1YXgct7HRSakZK86F13YPpVOgbqCc9QJyHMz31q8qjdj40rVQoU&google_hm=Q0FFU0VNTTF5bkFkbH...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQMBPRNABWslF6jBIcVWQxNS8ZU-0saoL4NUB08lOr47Iuf1YXgct7HRSakZK86F13YPpVOgbqCc9QJyHMz31q8qjdj40rVQoU&google_hm=Q0FFU0VNTTF5bkFkbHhDUHNxY0ctNk55YUJn

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 25 Dec 2023 22:20:43 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQMBPRNABWslF6jBIcVWQxNS8ZU-0saoL4NUB08lOr47Iuf1YXgct7HRSakZK86F13YPpVOgbqCc9QJyHMz31q8qjdj40rVQoU&google_hm=Q0FFU0VNTTF5bkFkbHhDUHNxY0ctNk55YUJn
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame F235 0
98 B 103ms
33ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmTkMpW7hUQFfuwfuQDPVauG6eBAQdozc1aWWRPqkNYpBnmVAfSqDw1Nav1Qpx8_3x1Aei8r17OKohaXov_hOzt6kNIwkeX0jg&google_gid=CAESEAj4WjpU9VE7VyQVsHTwz3Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=600&slotname=1019247609&adk=1564824845&adf=2530054453&pi=t.ma~as.1019247609&w=300&lmt=1703542843&format=300x600&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843438&bpp=2&bdt=436&idt=212&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=1117840744%2C7656980933&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=214
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F235
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEG9LL4pxU9Odc_dUEzkt9Po&google_cver=1&google_push=AXcoOmTDwdF4pDyMZEJ_eouojZbcvdE91z4Tg82wK-GO4Xyz_ZXpQNcPTGLF9nBFquvf0zSdt01lsxUKIMncZL...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNjY2MDgwMjMxOTY3NzU4Mw%3D%3D&google_push=AXcoOmTDwdF4pDyMZEJ_eouojZbcvdE91z4Tg82wK-GO4Xyz_ZXpQNcPTGLF9nBFquvf0zSdt01lsxUKIMncZLDUCB...

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNjY2MDgwMjMxOTY3NzU4Mw%3D%3D&google_push=AXcoOmTDwdF4pDyMZEJ_eouojZbcvdE91z4Tg82wK-GO4Xyz_ZXpQNcPTGLF9nBFquvf0zSdt01lsxUKIMncZLDUCB38YV4m7JjFPRc

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNjY2MDgwMjMxOTY3NzU4Mw%3D%3D&google_push=AXcoOmTDwdF4pDyMZEJ_eouojZbcvdE91z4Tg82wK-GO4Xyz_ZXpQNcPTGLF9nBFquvf0zSdt01lsxUKIMncZLDUCB38YV4m7JjFPRc
Date: Mon, 25 Dec 2023 22:20:44 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

report
sync.teads.tv/um/ Frame F235
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPC2Ps6J8nHA...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRLBrz6Vlbbd6vl2spcnNsxy2r2UouIBfYkw_M4H9szsBCsSJL6CMdCEJ0iTFIcJh8f4cMvgNB66gIS2_d3OVRZI9L9JXIKokcF
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

52ms
50ms

Image
image/gif

2.19.245.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=600&slotname=1019247609&adk=1564824845&adf=2530054453&pi=t.ma~as.1019247609&w=300&lmt=1703542843&format=300x600&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843438&bpp=2&bdt=436&idt=212&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=1117840744%2C7656980933&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=214
Protocol: H2
Server: 2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 22:20:44 GMT
pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F235 0
12 B 29ms
29ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JU-O4m73NLUiaB_7xAA0qb1hQQsXCsfxUN8vb5unbAxSjclNZBvdInHTyigWJ3frdOtlpXxg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 5CC6 115 KB
14 KB 42ms
42ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g3548v11szq27s4e8antfrek2765b002nvdt0v52xgcm7cp32dky51xbts1ay6hmc0hjekr5e8xrzsdb4vsrkqcwrmg0cz9fj7z2d2rf1wrn9wyv6hjhp6q727mrkkwew3tqfyn8ss2geqch6wctstrz2k18d3yrmmgdp4x4zzh1h78762y9w0b8rnma7379nwayw6x5whv2pg5r933zwtejsnrsj4vqbfba8487pthqvfgj79h65rndf2rfxcy13w9pp9c71x4x6zpkxvnhth12esep9b43786z5r59mwqhbte67gx7p5yqedf2t5vdx79yscc2qkjek0qf2j2f2b2795nnx9hbe5sdjngrrw74cm4ft5j5fmrpa83h6hny977crcsf9008nzktjqwn8739pyps3ye9q96sd4j8cbc052dvsntg43skrhm8zw4dr686jgr28&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGp0UOwCKZb-3OJyTmLAPkJa0wAOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0JuNx3sOuOU3Tz258PPZQ--bzVpbxonUTlMnbypF_XTZygKfOxLfZYuzG74SZSM3kz_DdSfJFIWoF8AMxb0BQyITDZ0nxnxwIdzMZBlslCKrQNtzmfbaTCcyku8zDG38Xw1mGMSOEjOJtqsXT-bysHncurfEEF8UMR3cqzlruX-Qk3VNtMcpgZC0DmeiUS5a9mpbMj-smGfIBB4zrB7nGqwZJEaioDRnVVCKaLZoNrHOoCHmi0ugClMeKqH3ZlbEjQ_ly5DEKc1PbhtFenRO76RBV3PxF2CbDpRcxpA9AD75fsXqE0-r4gPlawJ1wqPcw6c8_zgTctga1hZYoF9FJV1tX6bzoF6sWP9yXa3nUHpq8XhcuwE0IDeABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYpYbJ0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1I93El2lPjZx4jNcyAVHzTNSYykg%26client%3Dca-pub-4766656075352824%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g3548v11szq27s4e8antfrek2765b002nvdt0v52xgcm7cp32dky51xbts1ay6hmc0hjekr5e8xrzsdb4vsrkqcwrmg0cz9fj7z2d2rf1wrn9wyv6hjhp6q727mrkkwew3tqfyn8ss2geqch6wctstrz2k18d3yrmmgdp4x4zzh1h78762y9w0b8rnma7379nwayw6x5whv2pg5r933zwtejsnrsj4vqbfba8487pthqvfgj79h65rndf2rfxcy13w9pp9c71x4x6zpkxvnhth12esep9b43786z5r59mwqhbte67gx7p5yqedf2t5vdx79yscc2qkjek0qf2j2f2b2795nnx9hbe5sdjngrrw74cm4ft5j5fmrpa83h6hny977crcsf9008nzktjqwn8739pyps3ye9q96sd4j8cbc052dvsntg43skrhm8zw4dr686jgr28&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGp0UOwCKZb-3OJyTmLAPkJa0wAOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0JuNx3sOuOU3Tz258PPZQ--bzVpbxonUTlMnbypF_XTZygKfOxLfZYuzG74SZSM3kz_DdSfJFIWoF8AMxb0BQyITDZ0nxnxwIdzMZBlslCKrQNtzmfbaTCcyku8zDG38Xw1mGMSOEjOJtqsXT-bysHncurfEEF8UMR3cqzlruX-Qk3VNtMcpgZC0DmeiUS5a9mpbMj-smGfIBB4zrB7nGqwZJEaioDRnVVCKaLZoNrHOoCHmi0ugClMeKqH3ZlbEjQ_ly5DEKc1PbhtFenRO76RBV3PxF2CbDpRcxpA9AD75fsXqE0-r4gPlawJ1wqPcw6c8_zgTctga1hZYoF9FJV1tX6bzoF6sWP9yXa3nUHpq8XhcuwE0IDeABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYpYbJ0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1I93El2lPjZx4jNcyAVHzTNSYykg%26client%3Dca-pub-4766656075352824%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2313042
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhsmDZ%2Fo7Y3qBNzajy4GvkCFMpf97b2edB5BRj1w4OmGibOsVS931Fh9ANRtpr%2BBpYc2WDd8L2tlh3ZERynVES%2FSrFRD78TdobHLG8Wg7vyb5W1dulum35j2knnSm4MbZu0zpKP%2B4%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 83b479192b256ab8-FRA
expires: Tue, 26 Dec 2023 22:20:44 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 5CC6 24 KB
10 KB 63ms
63ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g3548v11szq27s4e8antfrek2765b002nvdt0v52xgcm7cp32dky51xbts1ay6hmc0hjekr5e8xrzsdb4vsrkqcwrmg0cz9fj7z2d2rf1wrn9wyv6hjhp6q727mrkkwew3tqfyn8ss2geqch6wctstrz2k18d3yrmmgdp4x4zzh1h78762y9w0b8rnma7379nwayw6x5whv2pg5r933zwtejsnrsj4vqbfba8487pthqvfgj79h65rndf2rfxcy13w9pp9c71x4x6zpkxvnhth12esep9b43786z5r59mwqhbte67gx7p5yqedf2t5vdx79yscc2qkjek0qf2j2f2b2795nnx9hbe5sdjngrrw74cm4ft5j5fmrpa83h6hny977crcsf9008nzktjqwn8739pyps3ye9q96sd4j8cbc052dvsntg43skrhm8zw4dr686jgr28&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGp0UOwCKZb-3OJyTmLAPkJa0wAOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0JuNx3sOuOU3Tz258PPZQ--bzVpbxonUTlMnbypF_XTZygKfOxLfZYuzG74SZSM3kz_DdSfJFIWoF8AMxb0BQyITDZ0nxnxwIdzMZBlslCKrQNtzmfbaTCcyku8zDG38Xw1mGMSOEjOJtqsXT-bysHncurfEEF8UMR3cqzlruX-Qk3VNtMcpgZC0DmeiUS5a9mpbMj-smGfIBB4zrB7nGqwZJEaioDRnVVCKaLZoNrHOoCHmi0ugClMeKqH3ZlbEjQ_ly5DEKc1PbhtFenRO76RBV3PxF2CbDpRcxpA9AD75fsXqE0-r4gPlawJ1wqPcw6c8_zgTctga1hZYoF9FJV1tX6bzoF6sWP9yXa3nUHpq8XhcuwE0IDeABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYpYbJ0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1I93El2lPjZx4jNcyAVHzTNSYykg%26client%3Dca-pub-4766656075352824%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 479154
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSIPGcZX6n88Lkacg0b45C84QSNJqmQaf8OjgWQx9UNGAZdl28i%2Fa1okm%2FEra3i9CgVO1910IH1iUW5va1F1c3FxrDA3aCFivP9MR0Ug6W6j2kKHTMTAUERy4ZuKqKFlBskB034%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 83b479192b266ab8-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:16:49 GMT

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 73ms
46ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83b479195c691b93-FRA
content-length: 24
content-type: text/plain
date: Mon, 25 Dec 2023 22:20:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWu2o6lB1gWSMJEc9ZidydhV3Uwka7C4VeFopjoAn38u2b5U3YA5ZN2iYufLgC5Xe%2FoiJ7VgX%2FzE0KEVubQFWtouGicyEQSM9VTt1kQRXB1UK8x8KuamNrJI70xLIkX6%2BPEviYc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-8f05

POST
H3 200 rs Show response
ad4m.at/ Frame 18E1 1 KB
2 KB 49ms
47ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5d3874bc803b5302f3737e59f0021953e4a5adc15ca6ef907d72ea86ee856bc

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixiTPU1oyBQC4AMiuXtmoPIWocMtxuLion0i6HZHmN7kYhtcbhZ3qUSO9g4HWvlabh06zjMqMTIFtz%2BkOrgyuCaf0iHnkftuDVQGiqGDXWw6hMeQeyKaPoIMih8mnUsjreDfnhc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 83b47919acb11b93-FRA
x-backend-server: aa-reachservice-group-europe-west1-8f05
alt-svc: h3=":443"; ma=86400

POST
H3 200 rs Show response
ad4m.at/ Frame 250A 2 KB
2 KB 48ms
48ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 892120081d57b57e65135252098e9a191e079faec4911c84c35105752c452018

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40V3q9SuddprELeqRVYkuEQm3BGg%2BeBjbg%2FsX9UalTj%2FMikpQYNmu1OX3Qvj6OK8%2FHFwiG8xnwFpM8XHEyKMEConmdQzDfl%2BUNxI8nzf%2FmDKEGygYL14qs%2BgAd9%2FnKrm%2BJifVPc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 83b47919acb41b93-FRA
x-backend-server: aa-reachservice-group-europe-west1-8f05
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 74ms
47ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83b479195c681b93-FRA
content-length: 24
content-type: text/plain
date: Mon, 25 Dec 2023 22:20:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1909CCP0R872%2BGHl5Xzez8EKXBR%2FXnLdYeyuBjEtGU%2Bi%2BcKgTcfrihKYqp3MbA8rwcoJRU7aFPX0bFcGZ1V4tgXhhIqkGKRrV0lsdDqtRoQd1hHbpuWJMj0nTSulyNQnYMwv9Xo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-8f05

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 0818 350 B
638 B 34ms
33ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3060091
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgAft1Vdr77CC1KQkR7VTEtv4MjfhZ%2FpAyXgtnv3rpXS9FDkJ9IX%2BMvxUaGyFPlGG6vGqa2rqqPdwsdoSzLVpGv61zlfJmEW4tqlfmhX1FeyH4y%2BwH9PqsB%2Bxk4EOlIaSFwTktRdWhKKJBChs8lOiJot"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791978c6368c-FRA
expires: Tue, 19 Nov 2024 11:23:05 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame E4B8 2 KB
1 KB 33ms
33ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2227931
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 83b479197b6c6ab8-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Mon, 25 Dec 2023 22:20:44 GMT
expires: Thu, 30 Nov 2023 03:29:52 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nSb1yk0gZm8%2FGFIzuo3TrHgnWvrTrrVbkMTZYn9m5WuJKCmbumTezlvg1nrMwA9G8gL8uUI9oPiN8G7D7e4OiyO2D4v1kGZKNhLTxbodcgKrHnAqRFw6yMi%2BmQ7TTV%2BLdZuZBZg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E23A 0
19 B 67ms
66ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-_JzOwCKZYf7N9KI1wazjJq4AZDhgYRctqjCivACwI23ARABIABglaKkgrAHggEXY2EtcHViLTQ3NjY2NTYwNzUzNTI4MjTIAQmpAhFjhk5ReLI-qAMByAMCqgSWAk_Qc9zH2_Sz2GxxBDvhfUg5fnk2Q-IAdKxkGIR8ALGhKIfbcyr29s_2Rj5og1fDlZRepQNAjTSyZsIXKEqEX6SMuSfWqrK8z3KqRKdU4xadGQYzrmVNYv_jfW7jdsIEzHc-F_ZaeYxz9TLQ5DmXtatNOkguFdMVUhWvKF-_ODpnz3JD7ZDyJh7pNmlnLJ1FvFxap384kbk6OxYdfCJCRpB_DX8Hn_6eptLoozWo3oK_pfmeI9LOvTMLiG95FcuqZQlq7KIWVfAiRHI1yQKiiDkRl8BnfHCbEtSLiIoOeGsU8oQWC8GtyNByA2XNRH8LE6-4YQJhbk7N18KEu8Eew8UUocC3G7qp9pk2Mcn4mV_LLacFDmVWgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl8rI0M-rgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDc2NjY1NjA3NTM1MjgyNBgA&sigh=kRp9T0dRQOg&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_M6VQBU8Ea7WsdiOXYvtpsO8-OqYXrziPv0Dt8GMKhzp-4z1HUz6bIxKFRuAJlvqCM5GrzMakGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=60&slotname=7656980933&adk=2977947412&adf=295265960&pi=t.ma~as.7656980933&w=468&lmt=1703542843&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843426&bpp=3&bdt=423&idt=212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&prev_slotnames=1117840744&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=297&ady=380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Dec 2023 22:20:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame E23A 0
39 B 98ms
34ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k1h18p2tq3y7hbwxezgevbqqvhpr8qggge226pc7g3vtwe0apb7fhw4x558ee5em4gfs5hw999m0bdm5jdk3crmpd75e903cphjnqcat12r49wgzce719esa25fj9j2a78yzzv4rt7z5mrmq945d21230j74kn1qx9a7fbwvy7zzxcxxw4ex91ymn3s8vn55cc0gefmxxgjm1g5jjcdxbw5jp6x54zj8afszn4m0r8xaayztavw19p7smay1c64y0z7vees5s96vwghb16erqkgakszvyhrh0dqz1dwmy6vjqyzf99nf7s008cdymn2t8fxvpaeta9xtg4010cb2k12kjpf1hege6390dzxv41fdypr08expj8zrbnwfsqa7w1nck032bcmmw8&b=ZYoAOwAN_YcK1cRSAAaGM1-u4u11oyBKmVxP2w&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=60&slotname=7656980933&adk=2977947412&adf=295265960&pi=t.ma~as.7656980933&w=468&lmt=1703542843&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843426&bpp=3&bdt=423&idt=212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&prev_slotnames=1117840744&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=297&ady=380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=214
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 25 Dec 2023 22:20:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 5CC6 350 B
639 B 37ms
33ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3060091
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=np%2F3d2SPC9Iwx4GkGb9pmwV81skoFznutn9bJKAWNTDtn7ZHEWym8Vqp%2BBSX6akglOvi%2BKr4Zk72V7Czzz39S03M0D%2F%2BaCrcGgjc1x6JyRX4s2IgNMBjvdK619N9UvKj94H5DQl2DWtKKK5lDTnu7z0k"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791998e9368c-FRA
expires: Tue, 19 Nov 2024 11:23:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D1B9 0
19 B 67ms
64ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ClgToOwCKZcX7N6jJmLAPjdea2AeQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEnQJP0NcqJtg55nB97JQdWA9hOfZx658I9BM70u2wKuatPeCCl73oqHIJb06E8gPpkN78w_jwiJCk6TbTFuxURvadFFk735Y2Wk8ry37wu_gpweFbfdBKj-lJ-tIIO4v0OTu9mPDxbvjTi2Y9xfZNZ91EzZsMWYOuzzUbVnoVIUWOzB7Kj_vTOYmYjm8iIy2SN5ZE8lZJ0ZOLnhW94Avz7-O-S4JAcrsJsnmcofKH-CkGLwNCfgt78QsqaBx7sERWmeAsR7aRqkTj87b5tuUm6WkwqB3B41GcZ0SU9dVxwxmN76BUUw1KjlemuLbvQA8hYhLg0vVocKaWe2h2kb_58utGfta08hgxj4dvbhOSB7GqtL0ibNYJlU1vh2J-KoeABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljCzsjQz6uDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00NzY2NjU2MDc1MzUyODI0GAA&sigh=BsihbMSKiG0&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_GGxmiLxDcRBm3ru8Ncwk3LfKeI1mnzqKpHeCDAKU-KtEBhPtcyZm6DzslPY_Iixbo5JuR23gGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=600&slotname=6929445609&adk=997224295&adf=2345113435&pi=t.ma~as.6929445609&w=160&lmt=1703542843&format=160x600&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843442&bpp=6&bdt=440&idt=223&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&prev_slotnames=1117840744%2C7656980933&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1143&ady=1053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=225
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Dec 2023 22:20:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame D1B9 0
39 B 82ms
33ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gq6e82z5jxwqpa9f83zdfay0ywq610f24931xgndmbwpt7z8tr6v8kcgmr2gy0y0vvaf0e0g2rpq162nerrpnef05vk2qjej8g4qgs9vrrz5bv5r0ek2zxnj3ar0p68qe4s28qx3zp4pe5dgrzcy2yvp57rk9vsj13h2av30csr2y356j4vk4dpbs9m7c87rj7c7y8ew5332zgqwerkdjtqnd96gw13x4b1mf8xvh7dh6kd06vgzkqrkjqtk284cmw02x86xq7vrcq7cy7rdsn7ma0q58r6nzh8fyaxy6x6vdys9fyckvgqfn5ymtywfj64j98mxbjzsqxntwr7cwjmas85aexyrsdk9e2tx8jnq221nn685y5dz04wn5zgfq3dtqv5tx980kr&b=ZYoAOwAN_cUABiSoAAarjfkrXkCOFDlGd0Fkpg&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=600&slotname=6929445609&adk=997224295&adf=2345113435&pi=t.ma~as.6929445609&w=160&lmt=1703542843&format=160x600&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843442&bpp=6&bdt=440&idt=223&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&prev_slotnames=1117840744%2C7656980933&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1143&ady=1053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 25 Dec 2023 22:20:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 94EC 2 KB
1 KB 33ms
32ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2227931
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 83b479199b9f6ab8-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Mon, 25 Dec 2023 22:20:44 GMT
expires: Thu, 30 Nov 2023 03:29:52 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wY5IXcabSvEfxv%2Bgq2QSVBxL9K3%2Bpqmf%2FAnqTkcPf3hiO9VJ3gDtVp3bYr1raO1Yjsa6lWQS7KgHuLMzO6DlmW08Rq%2BYzkqJZoXUr1F6N4QglbapMVukw0iF1cqwdEVieAreR0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 766B 0
19 B 66ms
66ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvEXYOwCKZaHiN4vE9u8Pr7eS4AOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoElgJP0GDVPx2-HIFJ4_DO5-AZ_Usvc1Ew0hF0ShpGECcspFxlQ6y-VX-86iEBa9ifQJ_bCcqFSwqY10bA9bzv_qgSUmSUZVwo1e1eA8kOzu1IgssZ_t5HtJYmmpZW8ZHNsXW4xWWv1o1bKb96jH-zNs0Z0H98ldBKn2DViwdPEeeZcOh8UFKp-aninbmIQ8EbRhsDrZ2mbnftNvWDgjFtvTDtRZsP9z4X2xtHhsQrdzUVX7F7MEUBck3jRbAy7fq5rthigWu4cvjq4OCg6YbiKcu6N6G7Ib8DgzwjAky94ehuO6FV2z8dKrK2to9PQAh95lfOa3fz8_Dp0fTTz8aTodjLaBEdvuS1J2zbqF4Hfs2-EwGkV1q0oYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPvFyNDPq4MDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ3NjY2NTYwNzUzNTI4MjQYAA&sigh=6bjPUzPjdwA&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_EfHyZHb2li7zrA0jP7RdnsMiQbEmC3SSmZx1z1B9Hq4vHxonE8NZiTTOoVotxWvmMDlm8WA1GAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=90&slotname=1117840744&adk=1721480579&adf=767381939&pi=t.ma~as.1117840744&w=728&lmt=1703542843&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843424&bpp=2&bdt=422&idt=207&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=612&ady=42&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Dec 2023 22:20:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 766B 0
39 B 58ms
33ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hvc57v6wdnzam0fq8a55whfqs43hf73qmtx88ww6ebyzbc5y2n2d0c8fzxd433c1qhh2d14yy0dr4p5xn8smx47qp42b526hp211drrw0zg6mzyhzd5se8fptc2awqat171v96xw9mf3xqq8rfchv2yfzqc87zmhhpcxadk9wdwfsqn22h0sgjbzpjkwjbg5rxgn18hsa37jrm5sceet5efhvsw2ghw0h9x533kg6hd77drt6skajkx95xb4mpjnzrfee57vdm2bahxw0c92xrn7apbmam10gjrcdmhrsae9zvhr8qgx0p3treyabjdszdyqnhwzrhyn7taw9cwd7790t63gb0ftrexr373xxjb9em7sz169e4kpya3dt3h8mbgx1qpw8x7ye8&b=ZYoAOwAN8SEH_aILAASbr4sfOJK6DZ0zOfv-xQ&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=90&slotname=1117840744&adk=1721480579&adf=767381939&pi=t.ma~as.1117840744&w=728&lmt=1703542843&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843424&bpp=2&bdt=422&idt=207&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=612&ady=42&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=210
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 25 Dec 2023 22:20:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

POST
H3 200 rs Show response
ad4m.at/ Frame 0818 2 KB
2 KB 54ms
53ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1bc48e39fbd54b0a86d5e4cf9a621112af952765139dba9830476bfcb6e8bc0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=plHK9KCYyDi7xaeeUFWm2eGZUJcZNySU3v30c5vvYPOoJXQOT7TO8I2gChsc9o9OmZwNimWsFXzRiFItDH2nrgxr9b7%2FkujZWa5B8A7MhIA4smTKV48rfIgvVw9PKj3K0nPnzdo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 83b4791a0cfc1b93-FRA
x-backend-server: aa-reachservice-group-europe-west1-8f05
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 44ms
44ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83b47919bcc11b93-FRA
content-length: 24
content-type: text/plain
date: Mon, 25 Dec 2023 22:20:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vH3ap4GSJQnJucPzxOE8WKUqY9sOP84q81kAOhFMEA71chXQ5Boq8SnaGa%2FBhoO00WK1FQXy75eo%2FGWY3PU9nqdF7TRAGOTirE2BJ8pPJsC4lQiGuj3kqVF6skV4tLpLu%2F2SXVU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-8f05

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A17C 0
19 B 66ms
66ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CCcYmOwCKZb-3OJyTmLAPkJa0wAOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoElwJP0JuNx3sOuOU3Tz258PPZQ--bzVpbxonUTlMnbypF_XTZygKfOxLfZYuzG74SZSM3kz_DdSfJFIWoF8AMxb0BQyITDZ0nxnxwIdzMZBlslCKrQNtzmfbaTCcyku8zDG38Xw1mGMSOEjOJtqsXT-bysHncurfEEF8UMR3cqzlruX-Qk3VNtMcpgZC0DmeiUS5a9mpbMj-smGfIBB4zrB7nGqwZJEaioDRnVVCKaLZoNrHOoCHmi0ugClMeKqH3ZlbEjQ_ly5DEKc1PbhtFenRO76RBV3PxF2CbDpRcxpA9AD75fsXqE0-r4gPlawJ1wqPcgaUdbe_q9ZjSUV7OehbX12R5VQv5jkZx2D07z1VzTlZyJKTD-8mABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYpYbJ0M-rgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDc2NjY1NjA3NTM1MjgyNBgA&sigh=P6fhhM_5tQ8&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_ZZFX6uyJbJpm9zbUo4RPhz81tmaCfT35yurF7aPxCpPY580f8-wZv8MzzXAfCmiQo04JUSaNGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=600&slotname=1019247609&adk=1564824845&adf=2530054453&pi=t.ma~as.1019247609&w=300&lmt=1703542843&format=300x600&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843438&bpp=2&bdt=436&idt=212&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=1117840744%2C7656980933&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Dec 2023 22:20:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame A17C 0
103 B 38ms
32ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j9snw5a9gbde6kx92vk7gwpsd4jq81415mxdpp8t0c0tcdzvt3v5x1xt9ynk3cyk10neegnq2mtkk0tk7ab98hnbfjx6msa5v1w06ptyqd5t6ybvvw9sy2ykc24fahnb0qj1qqgnx2jdkkt1e1x75cypg159f9tppc6xm9zxg9cs611vfwt4k9309516dr78bma449kmgfedgp9dkddkfdmsyxh1mhen1mft2bsasx9nh5796rrfr1hx9wqvn2xb8jrh0qk8w6tyz1x5mk4cbxyzt2qcmq1bmhsax4frhe8jjw0zc8dzabwwhn3n2hjd2k065kz0n34gnf6t7p5s3ze7f0mafe2gpxgqhcs3qm9f429vp4z1pm7ceespnb9znf0caakgjw94vg&b=ZYoAOwAOG78ABgmcAA0LEGDOPJDVPCJtnhSCfA&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4766656075352824&output=html&h=600&slotname=1019247609&adk=1564824845&adf=2530054453&pi=t.ma~as.1019247609&w=300&lmt=1703542843&format=300x600&url=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703542843438&bpp=2&bdt=436&idt=212&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=1117840744%2C7656980933&nras=1&correlator=6547080010031&frm=20&pv=1&ga_vid=369014989.1703542844&ga_sid=1703542844&ga_hid=1826749835&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080103%2C44795921%2C95320868%2C95320884&oid=2&pvsid=3275849631077340&tmod=184500927&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=214
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 25 Dec 2023 22:20:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 44ms
44ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83b47919dcd91b93-FRA
content-length: 24
content-type: text/plain
date: Mon, 25 Dec 2023 22:20:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlGpa3c9fR3dWW3kR74i7c1vTy8T8vdu85rC4KWi2tBoAz3z8bIiYKloxI9bNnPVgDo0JjodopBrLcbsOshHB%2BpfKMRuEFVAOW2CzjNpAj4MEeBOer9cp2bWpEr5wZKthe1Yd2A%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-8f05

POST
H3 200 rs Show response
ad4m.at/ Frame 5CC6 2 KB
2 KB 52ms
52ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e84b3f862047e1abcc9290804c5ddc1233152d1845cc3614089488ed43c46f8

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLErMYPYqlg9wb%2F2ew1Ewh3DV4idlZBW4TQIfgvgm0l2aI5YtdR40mQnKmAS5IjtI1eSx%2BDm45KxcA0qNkkcE%2FYgqLpZYmjQSOSKImwMfvA3uZV3wXHqICaIYDUVTQ3cE5xbtHk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 83b4791a1d3a1b93-FRA
x-backend-server: aa-reachservice-group-europe-west1-8f05
alt-svc: h3=":443"; ma=86400

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame DD0A 5 KB
3 KB 51ms
51ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=e2eaa6b7231780b2f2b3870f08acc77d%2F5666372123874972876&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844431&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy40w9tx9095cmnndrcgdeqngkpp0nj7pd3mpdkem9h83t4wjw9rrpbntcscr9zwzec4gqbj2j6zp3hhcmq7kt312y5zjy62re14410nbs5ctf1ygz81gd0vnjx340v643y3vdm6tjftgp02j9vyg1jxevpagq6qjk93qj4ep7hjrw84bw29vbb5sh76g87gstzwkcbtbvf7dba3kkex7ktew25va7w76t3xp1nkfskxqb9wyr4xqknjtnt9qq5kz5f8cf3v9tvs1t0qht17wms%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkS20OwCKZYf7N9KI1wazjJq4AZDhgYRctqjCivACwI23ARABIABglaKkgrAHggEXY2EtcHViLTQ3NjY2NTYwNzUzNTI4MjTIAQmpAhFjhk5ReLI-qAMByAMCqgSZAk_Qc9zH2_Sz2GxxBDvhfUg5fnk2Q-IAdKxkGIR8ALGhKIfbcyr29s_2Rj5og1fDlZRepQNAjTSyZsIXKEqEX6SMuSfWqrK8z3KqRKdU4xadGQYzrmVNYv_jfW7jdsIEzHc-F_ZaeYxz9TLQ5DmXtatNOkguFdMVUhWvKF-_ODpnz3JD7ZDyJh7pNmlnLJ1FvFxap384kbk6OxYdfCJCRpB_DX8Hn_6eptLoozWo3oK_pfmeI9LOvTMLiG95FcuqZQlq7KIWVfAiRHI1yQKiiDkRl8BnfHCbEtSLiIoOeGsU8oQWC8GtyNByA2XNRH8LE-26QJC2l8mNH0XMLRtXUTcttcoaEZSxKxn0eFsADUHnNXLZkSWe30J1gAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl8rI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1952ya8fZ910P_mJoyi5pP1WtiJQ%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69d7a9133915438ca54c3468164317ebc64053cc56967fe31450a1ec0d49e22a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kpdr3t7he17zy2tx283nd7kak1mkqfw4g7brwkzpzhry3vt7derkk418148cc4131fjrzzhtqg6sb9zj8rr8mq70d69mhsf2a8gvpnk1pvkq4cbp6t2ty330w6sw4p69vchqh3zjd36yexjaq3k4tf2nj0sp1n7zvcdv5na2f22jr30eeddkb4cw0ca065cmzce2jv0rh56hr575n4paa0cfpg7dkn17vz5621d3jr06xnf7bw4b1s4sbvxq4662ek7r8371ydf9txjgwxxfggkn4t5e5b4jzb3fr6trd0t572wv7q2xaymp36gpgq8mtnwgpsywe3mfx029kcerg35cmp5gd25ryc1dda7kbt98hvvkhx56pnk7kwwk5et8x5zs5xnda7gctjd3x9pj9va1t16e6m5yvh9vx7sht875g36c183jaytcqgbhsb0601312bf&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkS20OwCKZYf7N9KI1wazjJq4AZDhgYRctqjCivACwI23ARABIABglaKkgrAHggEXY2EtcHViLTQ3NjY2NTYwNzUzNTI4MjTIAQmpAhFjhk5ReLI-qAMByAMCqgSZAk_Qc9zH2_Sz2GxxBDvhfUg5fnk2Q-IAdKxkGIR8ALGhKIfbcyr29s_2Rj5og1fDlZRepQNAjTSyZsIXKEqEX6SMuSfWqrK8z3KqRKdU4xadGQYzrmVNYv_jfW7jdsIEzHc-F_ZaeYxz9TLQ5DmXtatNOkguFdMVUhWvKF-_ODpnz3JD7ZDyJh7pNmlnLJ1FvFxap384kbk6OxYdfCJCRpB_DX8Hn_6eptLoozWo3oK_pfmeI9LOvTMLiG95FcuqZQlq7KIWVfAiRHI1yQKiiDkRl8BnfHCbEtSLiIoOeGsU8oQWC8GtyNByA2XNRH8LE-26QJC2l8mNH0XMLRtXUTcttcoaEZSxKxn0eFsADUHnNXLZkSWe30J1gAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl8rI0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1952ya8fZ910P_mJoyi5pP1WtiJQ%26client%3Dca-pub-4766656075352824%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83b47919fc1c6ab8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:20:44 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame ED51 11 KB
5 KB 48ms
48ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=120&d=600&e=&g=06b647365d674e1bad81df141eec0978%2F15389399129828522219&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844432&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7qapmvpbe50gecgw9cnb5ddk2jqdvf6767g4x2ejzehwf7akq433kepytwd2an91dyrkb6pyk2qbyf2qdw8a3s15d2y7f5z74s3jfyzcmnzm2q9ydg32mn5bhpwj77vmhs824as3gcfd8tpdc5gskn3xhdbdfcxpj1h30ykhgf95j8p8a9tr0j1vf48mmvnw0tx7k3etza9a1gn31gjhtdhetdfjnsq14f5yzs4ec6z3fqryjaxsk40axk7hn9ycbjmarw4j4xxg9m440t7b97%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCi7XcOwCKZcX7N6jJmLAPjdea2AeQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEoAJP0NcqJtg55nB97JQdWA9hOfZx658I9BM70u2wKuatPeCCl73oqHIJb06E8gPpkN78w_jwiJCk6TbTFuxURvadFFk735Y2Wk8ry37wu_gpweFbfdBKj-lJ-tIIO4v0OTu9mPDxbvjTi2Y9xfZNZ91EzZsMWYOuzzUbVnoVIUWOzB7Kj_vTOYmYjm8iIy2SN5ZE8lZJ0ZOLnhW94Avz7-O-S4JAcrsJsnmcofKH-CkGLwNCfgt78QsqaBx7sERWmeAsR7aRqkTj87b5tuUm6WkwqB3B41GcZ0SU9dVxwxmN76BUUw1KjlemuLbvQA8hYhLg0vVocKaWOWpXA2gAdauO-Z4iKFGjfb57ZL6YKal3NH9r_i6di2F3Ur7hak8L7IqABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljCzsjQz6uDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1x-587HaxUC_6pOl6qHjyOystF2w%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51dbbb8450743f032cb84e6ada90083b1dc4d522c2bc9066404589d2ed060963

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hw3vrmg7y3h907x06syq4mwyfedv69f6q29wwdep3ssy6wpckwcb2exmbatkx9bxe51k5nf3v7d7xxpvewctzck76xdfv7ad59j0mc58zpdqhv0q48qpkpdawrd8mzq6saghhhc0rdj6kj33qhp8859scdbd6hv2pr4bt3mfk7n8mam213kghjxsrdt10537qn23f1q3hw6j4p3qfxq6smyq146tf8cxgwd6mkn4b8t052q3bmhnt3ngf66837er1yn7e13x4tmzv8vtt2h0dp7qbw7qyv678v7bt8tend0afbpkp2jy27st601kq3f0aq8r5ad80g6hkbdqgtzjzp047sjx4kj5pajyr4gfzhrh5n26vqtfjqkkyqfa3vdekdq3wwtjmjqt9f1adgj12wwrp6tpzmnkx65gyg32j7h41ehvq2bzqhg6dhdxkb0zvpk9q8pjr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi7XcOwCKZcX7N6jJmLAPjdea2AeQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEoAJP0NcqJtg55nB97JQdWA9hOfZx658I9BM70u2wKuatPeCCl73oqHIJb06E8gPpkN78w_jwiJCk6TbTFuxURvadFFk735Y2Wk8ry37wu_gpweFbfdBKj-lJ-tIIO4v0OTu9mPDxbvjTi2Y9xfZNZ91EzZsMWYOuzzUbVnoVIUWOzB7Kj_vTOYmYjm8iIy2SN5ZE8lZJ0ZOLnhW94Avz7-O-S4JAcrsJsnmcofKH-CkGLwNCfgt78QsqaBx7sERWmeAsR7aRqkTj87b5tuUm6WkwqB3B41GcZ0SU9dVxwxmN76BUUw1KjlemuLbvQA8hYhLg0vVocKaWOWpXA2gAdauO-Z4iKFGjfb57ZL6YKal3NH9r_i6di2F3Ur7hak8L7IqABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljCzsjQz6uDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1x-587HaxUC_6pOl6qHjyOystF2w%26client%3Dca-pub-4766656075352824%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83b47919fc206ab8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:20:44 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame ED51 115 KB
14 KB 35ms
35ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=120&d=600&e=&g=06b647365d674e1bad81df141eec0978%2F15389399129828522219&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844432&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7qapmvpbe50gecgw9cnb5ddk2jqdvf6767g4x2ejzehwf7akq433kepytwd2an91dyrkb6pyk2qbyf2qdw8a3s15d2y7f5z74s3jfyzcmnzm2q9ydg32mn5bhpwj77vmhs824as3gcfd8tpdc5gskn3xhdbdfcxpj1h30ykhgf95j8p8a9tr0j1vf48mmvnw0tx7k3etza9a1gn31gjhtdhetdfjnsq14f5yzs4ec6z3fqryjaxsk40axk7hn9ycbjmarw4j4xxg9m440t7b97%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCi7XcOwCKZcX7N6jJmLAPjdea2AeQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEoAJP0NcqJtg55nB97JQdWA9hOfZx658I9BM70u2wKuatPeCCl73oqHIJb06E8gPpkN78w_jwiJCk6TbTFuxURvadFFk735Y2Wk8ry37wu_gpweFbfdBKj-lJ-tIIO4v0OTu9mPDxbvjTi2Y9xfZNZ91EzZsMWYOuzzUbVnoVIUWOzB7Kj_vTOYmYjm8iIy2SN5ZE8lZJ0ZOLnhW94Avz7-O-S4JAcrsJsnmcofKH-CkGLwNCfgt78QsqaBx7sERWmeAsR7aRqkTj87b5tuUm6WkwqB3B41GcZ0SU9dVxwxmN76BUUw1KjlemuLbvQA8hYhLg0vVocKaWOWpXA2gAdauO-Z4iKFGjfb57ZL6YKal3NH9r_i6di2F3Ur7hak8L7IqABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljCzsjQz6uDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1x-587HaxUC_6pOl6qHjyOystF2w%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=120&d=600&e=&g=06b647365d674e1bad81df141eec0978%2F15389399129828522219&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844432&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7qapmvpbe50gecgw9cnb5ddk2jqdvf6767g4x2ejzehwf7akq433kepytwd2an91dyrkb6pyk2qbyf2qdw8a3s15d2y7f5z74s3jfyzcmnzm2q9ydg32mn5bhpwj77vmhs824as3gcfd8tpdc5gskn3xhdbdfcxpj1h30ykhgf95j8p8a9tr0j1vf48mmvnw0tx7k3etza9a1gn31gjhtdhetdfjnsq14f5yzs4ec6z3fqryjaxsk40axk7hn9ycbjmarw4j4xxg9m440t7b97%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCi7XcOwCKZcX7N6jJmLAPjdea2AeQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEoAJP0NcqJtg55nB97JQdWA9hOfZx658I9BM70u2wKuatPeCCl73oqHIJb06E8gPpkN78w_jwiJCk6TbTFuxURvadFFk735Y2Wk8ry37wu_gpweFbfdBKj-lJ-tIIO4v0OTu9mPDxbvjTi2Y9xfZNZ91EzZsMWYOuzzUbVnoVIUWOzB7Kj_vTOYmYjm8iIy2SN5ZE8lZJ0ZOLnhW94Avz7-O-S4JAcrsJsnmcofKH-CkGLwNCfgt78QsqaBx7sERWmeAsR7aRqkTj87b5tuUm6WkwqB3B41GcZ0SU9dVxwxmN76BUUw1KjlemuLbvQA8hYhLg0vVocKaWOWpXA2gAdauO-Z4iKFGjfb57ZL6YKal3NH9r_i6di2F3Ur7hak8L7IqABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljCzsjQz6uDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1x-587HaxUC_6pOl6qHjyOystF2w%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2313042
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anAFPl%2F04YPbV%2Fspqi8vC7rwr19aUTLoNOCegCiX%2FEjOJXGvWLqp1WSrgcJlsnKXQLG363CB21Kw%2FdLnIbTStKLdDy3n1Nbpt%2BAZyBZ%2BUYxEtQeVwBS%2Fg6bVZfItOIcmZte3w6sxuPg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 83b4791a4c716ab8-FRA
expires: Tue, 26 Dec 2023 22:20:44 GMT

GET
H2 200 AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
assets.ad4m.at/logo/ Frame ED51 8 KB
8 KB 47ms
32ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=120&d=600&e=&g=06b647365d674e1bad81df141eec0978%2F15389399129828522219&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844432&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7qapmvpbe50gecgw9cnb5ddk2jqdvf6767g4x2ejzehwf7akq433kepytwd2an91dyrkb6pyk2qbyf2qdw8a3s15d2y7f5z74s3jfyzcmnzm2q9ydg32mn5bhpwj77vmhs824as3gcfd8tpdc5gskn3xhdbdfcxpj1h30ykhgf95j8p8a9tr0j1vf48mmvnw0tx7k3etza9a1gn31gjhtdhetdfjnsq14f5yzs4ec6z3fqryjaxsk40axk7hn9ycbjmarw4j4xxg9m440t7b97%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCi7XcOwCKZcX7N6jJmLAPjdea2AeQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEoAJP0NcqJtg55nB97JQdWA9hOfZx658I9BM70u2wKuatPeCCl73oqHIJb06E8gPpkN78w_jwiJCk6TbTFuxURvadFFk735Y2Wk8ry37wu_gpweFbfdBKj-lJ-tIIO4v0OTu9mPDxbvjTi2Y9xfZNZ91EzZsMWYOuzzUbVnoVIUWOzB7Kj_vTOYmYjm8iIy2SN5ZE8lZJ0ZOLnhW94Avz7-O-S4JAcrsJsnmcofKH-CkGLwNCfgt78QsqaBx7sERWmeAsR7aRqkTj87b5tuUm6WkwqB3B41GcZ0SU9dVxwxmN76BUUw1KjlemuLbvQA8hYhLg0vVocKaWOWpXA2gAdauO-Z4iKFGjfb57ZL6YKal3NH9r_i6di2F3Ur7hak8L7IqABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljCzsjQz6uDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1x-587HaxUC_6pOl6qHjyOystF2w%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 429748
cf-polished: qual=85, origFmt=jpeg, origSize=10446
alt-svc: h3=":443"; ma=86400
content-length: 7728
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Nov 2023 16:41:23 GMT
server: cloudflare
etag: "bddcb815cd8abad672404f9cdec6f97c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0jOsECi9noS8lK9iU6eIi90EPFE45beUznhxw2lkV9k1IANlpkucSjkT0e7nD%2Frb6IvtMUEP%2BOnE8wejxyIovqTn5MVDUIMuaX0vqkCB7kXN%2F3GFFr1xMUdlF8rDWGYMJaorDEb5R8fijVx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791a69ce2c53-FRA

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame ED51 11 KB
11 KB 53ms
38ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=120&d=600&e=&g=06b647365d674e1bad81df141eec0978%2F15389399129828522219&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844432&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7qapmvpbe50gecgw9cnb5ddk2jqdvf6767g4x2ejzehwf7akq433kepytwd2an91dyrkb6pyk2qbyf2qdw8a3s15d2y7f5z74s3jfyzcmnzm2q9ydg32mn5bhpwj77vmhs824as3gcfd8tpdc5gskn3xhdbdfcxpj1h30ykhgf95j8p8a9tr0j1vf48mmvnw0tx7k3etza9a1gn31gjhtdhetdfjnsq14f5yzs4ec6z3fqryjaxsk40axk7hn9ycbjmarw4j4xxg9m440t7b97%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCi7XcOwCKZcX7N6jJmLAPjdea2AeQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEoAJP0NcqJtg55nB97JQdWA9hOfZx658I9BM70u2wKuatPeCCl73oqHIJb06E8gPpkN78w_jwiJCk6TbTFuxURvadFFk735Y2Wk8ry37wu_gpweFbfdBKj-lJ-tIIO4v0OTu9mPDxbvjTi2Y9xfZNZ91EzZsMWYOuzzUbVnoVIUWOzB7Kj_vTOYmYjm8iIy2SN5ZE8lZJ0ZOLnhW94Avz7-O-S4JAcrsJsnmcofKH-CkGLwNCfgt78QsqaBx7sERWmeAsR7aRqkTj87b5tuUm6WkwqB3B41GcZ0SU9dVxwxmN76BUUw1KjlemuLbvQA8hYhLg0vVocKaWOWpXA2gAdauO-Z4iKFGjfb57ZL6YKal3NH9r_i6di2F3Ur7hak8L7IqABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljCzsjQz6uDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1x-587HaxUC_6pOl6qHjyOystF2w%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 432909
cf-polished: qual=85, origFmt=jpeg, origSize=13532
alt-svc: h3=":443"; ma=86400
content-length: 11268
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 22:13:51 GMT
server: cloudflare
etag: "d9fd29c7a268fd485230a60f0d2e0192"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QoSA2e1bJxquzA9iyQ8d4iN03FORNfXO3%2Bh7SbVGjE24YmiAv%2F1S9U7dGZweoo9NasTCzCjXznsvMSFmYKL%2FxtrP49kZoAk6w3XQAEFJsjMYhu0ZrfwiEAr4RdnQRdCh58I677hEzrYhM4fv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791a69d22c53-FRA

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame ED51 7 KB
7 KB 51ms
37ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=120&d=600&e=&g=06b647365d674e1bad81df141eec0978%2F15389399129828522219&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844432&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7qapmvpbe50gecgw9cnb5ddk2jqdvf6767g4x2ejzehwf7akq433kepytwd2an91dyrkb6pyk2qbyf2qdw8a3s15d2y7f5z74s3jfyzcmnzm2q9ydg32mn5bhpwj77vmhs824as3gcfd8tpdc5gskn3xhdbdfcxpj1h30ykhgf95j8p8a9tr0j1vf48mmvnw0tx7k3etza9a1gn31gjhtdhetdfjnsq14f5yzs4ec6z3fqryjaxsk40axk7hn9ycbjmarw4j4xxg9m440t7b97%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCi7XcOwCKZcX7N6jJmLAPjdea2AeQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEoAJP0NcqJtg55nB97JQdWA9hOfZx658I9BM70u2wKuatPeCCl73oqHIJb06E8gPpkN78w_jwiJCk6TbTFuxURvadFFk735Y2Wk8ry37wu_gpweFbfdBKj-lJ-tIIO4v0OTu9mPDxbvjTi2Y9xfZNZ91EzZsMWYOuzzUbVnoVIUWOzB7Kj_vTOYmYjm8iIy2SN5ZE8lZJ0ZOLnhW94Avz7-O-S4JAcrsJsnmcofKH-CkGLwNCfgt78QsqaBx7sERWmeAsR7aRqkTj87b5tuUm6WkwqB3B41GcZ0SU9dVxwxmN76BUUw1KjlemuLbvQA8hYhLg0vVocKaWOWpXA2gAdauO-Z4iKFGjfb57ZL6YKal3NH9r_i6di2F3Ur7hak8L7IqABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljCzsjQz6uDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1x-587HaxUC_6pOl6qHjyOystF2w%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 452978
cf-polished: qual=85, origFmt=jpeg, origSize=8714
alt-svc: h3=":443"; ma=86400
content-length: 6672
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 08:50:26 GMT
server: cloudflare
etag: "52953af169f970e1ac17ba40d8c26548"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EuBYNyq5PotalVyuiYVqNM352KX06hoArhfyX70vUkQg%2BEhpUKZXIyY3wkgZJJBC9CGpr7TAfZg917OQyAE0wVOVwGIVfZ1mwgoRx%2BTFr8870MdDmIowKVNU6vHgP1NaURaEIyftYXaXjNPW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791a69d82c53-FRA

GET
H2 200 E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
assets.ad4m.at/ Frame ED51 25 KB
25 KB 47ms
33ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=120&d=600&e=&g=06b647365d674e1bad81df141eec0978%2F15389399129828522219&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844432&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7qapmvpbe50gecgw9cnb5ddk2jqdvf6767g4x2ejzehwf7akq433kepytwd2an91dyrkb6pyk2qbyf2qdw8a3s15d2y7f5z74s3jfyzcmnzm2q9ydg32mn5bhpwj77vmhs824as3gcfd8tpdc5gskn3xhdbdfcxpj1h30ykhgf95j8p8a9tr0j1vf48mmvnw0tx7k3etza9a1gn31gjhtdhetdfjnsq14f5yzs4ec6z3fqryjaxsk40axk7hn9ycbjmarw4j4xxg9m440t7b97%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCi7XcOwCKZcX7N6jJmLAPjdea2AeQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEoAJP0NcqJtg55nB97JQdWA9hOfZx658I9BM70u2wKuatPeCCl73oqHIJb06E8gPpkN78w_jwiJCk6TbTFuxURvadFFk735Y2Wk8ry37wu_gpweFbfdBKj-lJ-tIIO4v0OTu9mPDxbvjTi2Y9xfZNZ91EzZsMWYOuzzUbVnoVIUWOzB7Kj_vTOYmYjm8iIy2SN5ZE8lZJ0ZOLnhW94Avz7-O-S4JAcrsJsnmcofKH-CkGLwNCfgt78QsqaBx7sERWmeAsR7aRqkTj87b5tuUm6WkwqB3B41GcZ0SU9dVxwxmN76BUUw1KjlemuLbvQA8hYhLg0vVocKaWOWpXA2gAdauO-Z4iKFGjfb57ZL6YKal3NH9r_i6di2F3Ur7hak8L7IqABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljCzsjQz6uDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1x-587HaxUC_6pOl6qHjyOystF2w%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1691786
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 25413
cf-bgj: imgq:85,h2pri
last-modified: Wed, 06 Dec 2023 08:24:17 GMT
server: cloudflare
etag: "7e811696e8763f5dce86bbb648013620"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ky0H0k65K%2BqvaV2o5xuAEafEUzHz9l5xGnu%2BXf1b97lUTdGM%2B1USj0Vf%2FCe7Q9XrLWZVCkmEwMpYHnFsT5T2va5lmkg1qiLJKJJXIWxEpCAa1SA%2BGp25JyzjINGPV10qcLperYQn%2B0%2BRnmzQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791a69d32c53-FRA

GET
H2

200

ztpv.php
www.conrad.de/ Frame ED51
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1703542844_d8adcf20-a373-11ee-b1a8-22396ad6a5ca&insert=AW&&gdpr=0&gdpr_consent=

0
494 B

102ms
45ms

Image
text/html

2606:4700::6813:afbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1703542844_d8adcf20-a373-11ee-b1a8-22396ad6a5ca&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=120&d=600&e=&g=06b647365d674e1bad81df141eec0978%2F15389399129828522219&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844432&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7qapmvpbe50gecgw9cnb5ddk2jqdvf6767g4x2ejzehwf7akq433kepytwd2an91dyrkb6pyk2qbyf2qdw8a3s15d2y7f5z74s3jfyzcmnzm2q9ydg32mn5bhpwj77vmhs824as3gcfd8tpdc5gskn3xhdbdfcxpj1h30ykhgf95j8p8a9tr0j1vf48mmvnw0tx7k3etza9a1gn31gjhtdhetdfjnsq14f5yzs4ec6z3fqryjaxsk40axk7hn9ycbjmarw4j4xxg9m440t7b97%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCi7XcOwCKZcX7N6jJmLAPjdea2AeQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEoAJP0NcqJtg55nB97JQdWA9hOfZx658I9BM70u2wKuatPeCCl73oqHIJb06E8gPpkN78w_jwiJCk6TbTFuxURvadFFk735Y2Wk8ry37wu_gpweFbfdBKj-lJ-tIIO4v0OTu9mPDxbvjTi2Y9xfZNZ91EzZsMWYOuzzUbVnoVIUWOzB7Kj_vTOYmYjm8iIy2SN5ZE8lZJ0ZOLnhW94Avz7-O-S4JAcrsJsnmcofKH-CkGLwNCfgt78QsqaBx7sERWmeAsR7aRqkTj87b5tuUm6WkwqB3B41GcZ0SU9dVxwxmN76BUUw1KjlemuLbvQA8hYhLg0vVocKaWOWpXA2gAdauO-Z4iKFGjfb57ZL6YKal3NH9r_i6di2F3Ur7hak8L7IqABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljCzsjQz6uDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1x-587HaxUC_6pOl6qHjyOystF2w%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6813:afbe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 83b4791c0cfe2c35-FRA
content-length: 0
expires: -1

Redirect headers

Date: Mon, 25 Dec 2023 22:20:44 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1703542844_d8adcf20-a373-11ee-b1a8-22396ad6a5ca&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame ED51 4 KB
5 KB 67ms
53ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=120&d=600&e=&g=06b647365d674e1bad81df141eec0978%2F15389399129828522219&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844432&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7qapmvpbe50gecgw9cnb5ddk2jqdvf6767g4x2ejzehwf7akq433kepytwd2an91dyrkb6pyk2qbyf2qdw8a3s15d2y7f5z74s3jfyzcmnzm2q9ydg32mn5bhpwj77vmhs824as3gcfd8tpdc5gskn3xhdbdfcxpj1h30ykhgf95j8p8a9tr0j1vf48mmvnw0tx7k3etza9a1gn31gjhtdhetdfjnsq14f5yzs4ec6z3fqryjaxsk40axk7hn9ycbjmarw4j4xxg9m440t7b97%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCi7XcOwCKZcX7N6jJmLAPjdea2AeQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEoAJP0NcqJtg55nB97JQdWA9hOfZx658I9BM70u2wKuatPeCCl73oqHIJb06E8gPpkN78w_jwiJCk6TbTFuxURvadFFk735Y2Wk8ry37wu_gpweFbfdBKj-lJ-tIIO4v0OTu9mPDxbvjTi2Y9xfZNZ91EzZsMWYOuzzUbVnoVIUWOzB7Kj_vTOYmYjm8iIy2SN5ZE8lZJ0ZOLnhW94Avz7-O-S4JAcrsJsnmcofKH-CkGLwNCfgt78QsqaBx7sERWmeAsR7aRqkTj87b5tuUm6WkwqB3B41GcZ0SU9dVxwxmN76BUUw1KjlemuLbvQA8hYhLg0vVocKaWOWpXA2gAdauO-Z4iKFGjfb57ZL6YKal3NH9r_i6di2F3Ur7hak8L7IqABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljCzsjQz6uDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1x-587HaxUC_6pOl6qHjyOystF2w%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 438074
cf-polished: qual=85, origFmt=jpeg, origSize=7258
alt-svc: h3=":443"; ma=86400
content-length: 4294
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 09:56:16 GMT
server: cloudflare
etag: "679602b08629bcaaabfcfad4e68fe53a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csLy9BmjQ5NyBap9eXG%2F%2FIa0sxDxgiSUB6ajrzAIAvIGIBwtDPk0TleMK%2BU0B6Rh7DXXfP%2BrMJ43uXneXFvSyZcRdlyvQkD1PCrcnXdr%2F7pRAn33rzOd68RGet4ruFWxv1LlmYsZczJjN9EI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791a69d42c53-FRA

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame ED51 15 KB
16 KB 68ms
54ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=120&d=600&e=&g=06b647365d674e1bad81df141eec0978%2F15389399129828522219&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844432&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7qapmvpbe50gecgw9cnb5ddk2jqdvf6767g4x2ejzehwf7akq433kepytwd2an91dyrkb6pyk2qbyf2qdw8a3s15d2y7f5z74s3jfyzcmnzm2q9ydg32mn5bhpwj77vmhs824as3gcfd8tpdc5gskn3xhdbdfcxpj1h30ykhgf95j8p8a9tr0j1vf48mmvnw0tx7k3etza9a1gn31gjhtdhetdfjnsq14f5yzs4ec6z3fqryjaxsk40axk7hn9ycbjmarw4j4xxg9m440t7b97%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCi7XcOwCKZcX7N6jJmLAPjdea2AeQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEoAJP0NcqJtg55nB97JQdWA9hOfZx658I9BM70u2wKuatPeCCl73oqHIJb06E8gPpkN78w_jwiJCk6TbTFuxURvadFFk735Y2Wk8ry37wu_gpweFbfdBKj-lJ-tIIO4v0OTu9mPDxbvjTi2Y9xfZNZ91EzZsMWYOuzzUbVnoVIUWOzB7Kj_vTOYmYjm8iIy2SN5ZE8lZJ0ZOLnhW94Avz7-O-S4JAcrsJsnmcofKH-CkGLwNCfgt78QsqaBx7sERWmeAsR7aRqkTj87b5tuUm6WkwqB3B41GcZ0SU9dVxwxmN76BUUw1KjlemuLbvQA8hYhLg0vVocKaWOWpXA2gAdauO-Z4iKFGjfb57ZL6YKal3NH9r_i6di2F3Ur7hak8L7IqABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljCzsjQz6uDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1x-587HaxUC_6pOl6qHjyOystF2w%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2386502
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 15521
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:09:52 GMT
server: cloudflare
etag: "269bd58060bc660c3aec98b388bae571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fgb3lAreWIGURf%2FnxZgRi%2BX62y4KRKH375BZT44m%2FZ1Npn5kBt2HFjJUmffarmL7eV7G6jApW0A0qKO2hAKp42awbH49Eva2bX5nmAzlNvtIAyGom9Cy2BGMbSnf2vR4js%2F%2FDCXh6YkHkS50"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791a69d92c53-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame ED51 43 B
705 B 177ms
73ms Image
image/gif 104.96.147.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneid8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6Aoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.96.147.178 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-147-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Dec 2023 22:20:44 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame DD0A 115 KB
14 KB 35ms
35ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=e2eaa6b7231780b2f2b3870f08acc77d%2F5666372123874972876&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844431&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy40w9tx9095cmnndrcgdeqngkpp0nj7pd3mpdkem9h83t4wjw9rrpbntcscr9zwzec4gqbj2j6zp3hhcmq7kt312y5zjy62re14410nbs5ctf1ygz81gd0vnjx340v643y3vdm6tjftgp02j9vyg1jxevpagq6qjk93qj4ep7hjrw84bw29vbb5sh76g87gstzwkcbtbvf7dba3kkex7ktew25va7w76t3xp1nkfskxqb9wyr4xqknjtnt9qq5kz5f8cf3v9tvs1t0qht17wms%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkS20OwCKZYf7N9KI1wazjJq4AZDhgYRctqjCivACwI23ARABIABglaKkgrAHggEXY2EtcHViLTQ3NjY2NTYwNzUzNTI4MjTIAQmpAhFjhk5ReLI-qAMByAMCqgSZAk_Qc9zH2_Sz2GxxBDvhfUg5fnk2Q-IAdKxkGIR8ALGhKIfbcyr29s_2Rj5og1fDlZRepQNAjTSyZsIXKEqEX6SMuSfWqrK8z3KqRKdU4xadGQYzrmVNYv_jfW7jdsIEzHc-F_ZaeYxz9TLQ5DmXtatNOkguFdMVUhWvKF-_ODpnz3JD7ZDyJh7pNmlnLJ1FvFxap384kbk6OxYdfCJCRpB_DX8Hn_6eptLoozWo3oK_pfmeI9LOvTMLiG95FcuqZQlq7KIWVfAiRHI1yQKiiDkRl8BnfHCbEtSLiIoOeGsU8oQWC8GtyNByA2XNRH8LE-26QJC2l8mNH0XMLRtXUTcttcoaEZSxKxn0eFsADUHnNXLZkSWe30J1gAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl8rI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1952ya8fZ910P_mJoyi5pP1WtiJQ%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=e2eaa6b7231780b2f2b3870f08acc77d%2F5666372123874972876&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844431&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy40w9tx9095cmnndrcgdeqngkpp0nj7pd3mpdkem9h83t4wjw9rrpbntcscr9zwzec4gqbj2j6zp3hhcmq7kt312y5zjy62re14410nbs5ctf1ygz81gd0vnjx340v643y3vdm6tjftgp02j9vyg1jxevpagq6qjk93qj4ep7hjrw84bw29vbb5sh76g87gstzwkcbtbvf7dba3kkex7ktew25va7w76t3xp1nkfskxqb9wyr4xqknjtnt9qq5kz5f8cf3v9tvs1t0qht17wms%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkS20OwCKZYf7N9KI1wazjJq4AZDhgYRctqjCivACwI23ARABIABglaKkgrAHggEXY2EtcHViLTQ3NjY2NTYwNzUzNTI4MjTIAQmpAhFjhk5ReLI-qAMByAMCqgSZAk_Qc9zH2_Sz2GxxBDvhfUg5fnk2Q-IAdKxkGIR8ALGhKIfbcyr29s_2Rj5og1fDlZRepQNAjTSyZsIXKEqEX6SMuSfWqrK8z3KqRKdU4xadGQYzrmVNYv_jfW7jdsIEzHc-F_ZaeYxz9TLQ5DmXtatNOkguFdMVUhWvKF-_ODpnz3JD7ZDyJh7pNmlnLJ1FvFxap384kbk6OxYdfCJCRpB_DX8Hn_6eptLoozWo3oK_pfmeI9LOvTMLiG95FcuqZQlq7KIWVfAiRHI1yQKiiDkRl8BnfHCbEtSLiIoOeGsU8oQWC8GtyNByA2XNRH8LE-26QJC2l8mNH0XMLRtXUTcttcoaEZSxKxn0eFsADUHnNXLZkSWe30J1gAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl8rI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1952ya8fZ910P_mJoyi5pP1WtiJQ%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2313042
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9JDiuExxGmZZ9wKP%2BygvI9yoigDZ7A%2FOnjq3cfjLI5AKD0ugtBnu7yULuQnRIRPeRPRcblrJMJ9ZHiq5R%2FWG%2FLtC2pySI9%2BHBIEv6rJ%2FmfR5R1kGxrtLXxEeqoKysVkWtslos6oMW54%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 83b4791a4c726ab8-FRA
expires: Tue, 26 Dec 2023 22:20:44 GMT

GET
H2 200 AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
assets.ad4m.at/logo/ Frame DD0A 8 KB
8 KB 50ms
36ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=e2eaa6b7231780b2f2b3870f08acc77d%2F5666372123874972876&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844431&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy40w9tx9095cmnndrcgdeqngkpp0nj7pd3mpdkem9h83t4wjw9rrpbntcscr9zwzec4gqbj2j6zp3hhcmq7kt312y5zjy62re14410nbs5ctf1ygz81gd0vnjx340v643y3vdm6tjftgp02j9vyg1jxevpagq6qjk93qj4ep7hjrw84bw29vbb5sh76g87gstzwkcbtbvf7dba3kkex7ktew25va7w76t3xp1nkfskxqb9wyr4xqknjtnt9qq5kz5f8cf3v9tvs1t0qht17wms%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkS20OwCKZYf7N9KI1wazjJq4AZDhgYRctqjCivACwI23ARABIABglaKkgrAHggEXY2EtcHViLTQ3NjY2NTYwNzUzNTI4MjTIAQmpAhFjhk5ReLI-qAMByAMCqgSZAk_Qc9zH2_Sz2GxxBDvhfUg5fnk2Q-IAdKxkGIR8ALGhKIfbcyr29s_2Rj5og1fDlZRepQNAjTSyZsIXKEqEX6SMuSfWqrK8z3KqRKdU4xadGQYzrmVNYv_jfW7jdsIEzHc-F_ZaeYxz9TLQ5DmXtatNOkguFdMVUhWvKF-_ODpnz3JD7ZDyJh7pNmlnLJ1FvFxap384kbk6OxYdfCJCRpB_DX8Hn_6eptLoozWo3oK_pfmeI9LOvTMLiG95FcuqZQlq7KIWVfAiRHI1yQKiiDkRl8BnfHCbEtSLiIoOeGsU8oQWC8GtyNByA2XNRH8LE-26QJC2l8mNH0XMLRtXUTcttcoaEZSxKxn0eFsADUHnNXLZkSWe30J1gAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl8rI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1952ya8fZ910P_mJoyi5pP1WtiJQ%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 429748
cf-polished: qual=85, origFmt=jpeg, origSize=10446
alt-svc: h3=":443"; ma=86400
content-length: 7728
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Nov 2023 16:41:23 GMT
server: cloudflare
etag: "bddcb815cd8abad672404f9cdec6f97c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmIDkYMwEklk1%2Bs9SCksx68YBbkSllkZy9qejJ8ves%2FczjRLvI%2FZNK7g5H7MkSvCyVVh5oBGm2JaVJzTfNdqGTyRiDiT%2BrCRdzSbrUxcDYVhaIxtGR2gXbQ6t37zWNq2rH3vcwF5U2NlLK0j"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791a69d12c53-FRA

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame DD0A 11 KB
11 KB 53ms
39ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=e2eaa6b7231780b2f2b3870f08acc77d%2F5666372123874972876&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844431&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy40w9tx9095cmnndrcgdeqngkpp0nj7pd3mpdkem9h83t4wjw9rrpbntcscr9zwzec4gqbj2j6zp3hhcmq7kt312y5zjy62re14410nbs5ctf1ygz81gd0vnjx340v643y3vdm6tjftgp02j9vyg1jxevpagq6qjk93qj4ep7hjrw84bw29vbb5sh76g87gstzwkcbtbvf7dba3kkex7ktew25va7w76t3xp1nkfskxqb9wyr4xqknjtnt9qq5kz5f8cf3v9tvs1t0qht17wms%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkS20OwCKZYf7N9KI1wazjJq4AZDhgYRctqjCivACwI23ARABIABglaKkgrAHggEXY2EtcHViLTQ3NjY2NTYwNzUzNTI4MjTIAQmpAhFjhk5ReLI-qAMByAMCqgSZAk_Qc9zH2_Sz2GxxBDvhfUg5fnk2Q-IAdKxkGIR8ALGhKIfbcyr29s_2Rj5og1fDlZRepQNAjTSyZsIXKEqEX6SMuSfWqrK8z3KqRKdU4xadGQYzrmVNYv_jfW7jdsIEzHc-F_ZaeYxz9TLQ5DmXtatNOkguFdMVUhWvKF-_ODpnz3JD7ZDyJh7pNmlnLJ1FvFxap384kbk6OxYdfCJCRpB_DX8Hn_6eptLoozWo3oK_pfmeI9LOvTMLiG95FcuqZQlq7KIWVfAiRHI1yQKiiDkRl8BnfHCbEtSLiIoOeGsU8oQWC8GtyNByA2XNRH8LE-26QJC2l8mNH0XMLRtXUTcttcoaEZSxKxn0eFsADUHnNXLZkSWe30J1gAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl8rI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1952ya8fZ910P_mJoyi5pP1WtiJQ%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 432909
cf-polished: qual=85, origFmt=jpeg, origSize=13532
alt-svc: h3=":443"; ma=86400
content-length: 11268
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 22:13:51 GMT
server: cloudflare
etag: "d9fd29c7a268fd485230a60f0d2e0192"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fh2zZuePKW%2B414X0XtHPoYqa6ya09a2NNKrYG0%2FcstqkyBN0T%2F9CmU3PB1boqzWIfWwJWmibH9WFphVaCVGk1Z4pABio3Py4%2FeqtPoMuDWnWyw4vfBnEnFGh%2FGm19DREeVtJH%2BPVT57ih%2FUt"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791a69d52c53-FRA

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 9741 13 KB
5 KB 48ms
48ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=196438%2C183975%2C23576&b=GjMSBfpfXwx9UKHeHGtPt31dHZSYTJ78sQVeB%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj%2CdE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=Vx4HwfmfDjJEfVHbHAtXC8j4cBSzTgbrUDJdX%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz%2CK1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=728&d=90&e=&g=ad23e113f62ea3fa4eb767672c96042c%2F4565384704278724705&i=25174%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844486&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9k4gy9s8say8kxpkefqswk01wasxs1e549r8zd3v4ejnv013h2aaqdfagxspemjsjhcmwp0cm690nha7cv0gpa7cdyh9k69309sc5shw6axrj1fvzxj1twfczfmbdapeb82ms4gt0r3bvdx2e1ygsa6t0wwv1xnhj5qfcg3tcfdm1mbs8abq5nc1s2bnh9hcmms8wp3kax8mz5t3enqbffjgkw3jp44gbkd64qsj2bzgcx7a812ncgb1njj5cvbffv2kx9m1dfczz31v8m1vmr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjabNOwCKZaHiN4vE9u8Pr7eS4AOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmQJP0GDVPx2-HIFJ4_DO5-AZ_Usvc1Ew0hF0ShpGECcspFxlQ6y-VX-86iEBa9ifQJ_bCcqFSwqY10bA9bzv_qgSUmSUZVwo1e1eA8kOzu1IgssZ_t5HtJYmmpZW8ZHNsXW4xWWv1o1bKb96jH-zNs0Z0H98ldBKn2DViwdPEeeZcOh8UFKp-aninbmIQ8EbRhsDrZ2mbnftNvWDgjFtvTDtRZsP9z4X2xtHhsQrdzUVX7F7MEUBck3jRbAy7fq5rthigWu4cvjq4OCg6YbiKcu6N6G7Ib8DgzwjAky94ehuO6FV2z8dKrK2to9PQAh95leMaVZhJAlukTxUh1BJ6Eo5UQUXE-6bP7FbaheVhlmgPxlxi8X0aeibnYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPvFyNDPq4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Sv86g3e0VJzP1tbgCWTF9HmFMcg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1c433f144b329fe4a7753ef91a8fe4d5eb7f712d50a02cf13f6ac581834d458

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hn2hhr1pspvrhxqk6054hz2e79c3hdj76rx21kpad2jh85hxc4j5cm2nmx569mjt8b4v7naag1ram21j6xkhd6e8tfcza4hp8fevf5p170a8rjq92meptebvs7zv2635w24vm5js2w2an10cpjr6xy081h66r4ycshnzvteqk23q5fazgdt6235ymz4hz7cvfvn24xd3yqpnd8wwnyf3ydx215jx0tnqnx7jqr7fekpb0sgr61ntkxakt8aze1fch69qpszr9vmf5555tbjzf9xc0d3w3ky33yjaa801gh9chxevw8fbvct8pv6j9hy00gm4n9qf4gs3t9era7cxzn82gw0b6brqeerg73v2e773awss21t6mvr6z14x0et6kr5j9ngace4md2vy4y62chwfhd3y4y9pbrcjxd0hv0f4k1ped82v5hac2sp11szw82q5tfc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjabNOwCKZaHiN4vE9u8Pr7eS4AOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmQJP0GDVPx2-HIFJ4_DO5-AZ_Usvc1Ew0hF0ShpGECcspFxlQ6y-VX-86iEBa9ifQJ_bCcqFSwqY10bA9bzv_qgSUmSUZVwo1e1eA8kOzu1IgssZ_t5HtJYmmpZW8ZHNsXW4xWWv1o1bKb96jH-zNs0Z0H98ldBKn2DViwdPEeeZcOh8UFKp-aninbmIQ8EbRhsDrZ2mbnftNvWDgjFtvTDtRZsP9z4X2xtHhsQrdzUVX7F7MEUBck3jRbAy7fq5rthigWu4cvjq4OCg6YbiKcu6N6G7Ib8DgzwjAky94ehuO6FV2z8dKrK2to9PQAh95leMaVZhJAlukTxUh1BJ6Eo5UQUXE-6bP7FbaheVhlmgPxlxi8X0aeibnYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPvFyNDPq4MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Sv86g3e0VJzP1tbgCWTF9HmFMcg%26client%3Dca-pub-4766656075352824%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83b4791a6c826ab8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:20:44 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a02263cf75c29f80fdb1b381769cd5ba8d13287b4c370eacb3bbd6df56a92912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56007
x-xss-protection: 0
server: cafe
etag: 5399100907576838485
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 22:20:44 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame BD8A 9 KB
5 KB 47ms
46ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197100%2C765%2C199445&b=ADYaYfqf2VJXsAHRH4tktMMGsRS4TRrAH3JMm%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfGzwYCkHwH3tQt4dYF9SzTYMAhB3zZ&f=MxGHzfrfjepBCWHEHGtQC661tBS4Txr1CE2g7%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfP65ZHxH5HYt9C6ZmH6S4TGD4HEzJ5&c=160&d=600&e=&g=2740e1c93a0954c841ded5be661aa4a0%2F6236052650347061060&i=20773%2C1676%2C30890&j=14%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844509&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jky0g48whp12nezg6retbkm88jjfak3vhh4fynt25gg20tn5n8xtfrwegza89yhkcbws6ggxws3tzzym2a8qj28gs9y838gj21tc70znkhfhdg9kg9bbstkgxgwrrfsx3kfh820p4pdtrmhy07p9c4n9ww8mm7vf2e44w754cghhrr08cmdjw9k8wgfwmda2pmfvx6d48cqy91zxtvr44cphyad1py95hvy8vk9132ctcd89qrxyajpasdn64dh1dp5gj9mh2rj60e4xj1d6qhm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGp0UOwCKZb-3OJyTmLAPkJa0wAOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0JuNx3sOuOU3Tz258PPZQ--bzVpbxonUTlMnbypF_XTZygKfOxLfZYuzG74SZSM3kz_DdSfJFIWoF8AMxb0BQyITDZ0nxnxwIdzMZBlslCKrQNtzmfbaTCcyku8zDG38Xw1mGMSOEjOJtqsXT-bysHncurfEEF8UMR3cqzlruX-Qk3VNtMcpgZC0DmeiUS5a9mpbMj-smGfIBB4zrB7nGqwZJEaioDRnVVCKaLZoNrHOoCHmi0ugClMeKqH3ZlbEjQ_ly5DEKc1PbhtFenRO76RBV3PxF2CbDpRcxpA9AD75fsXqE0-r4gPlawJ1wqPcw6c8_zgTctga1hZYoF9FJV1tX6bzoF6sWP9yXa3nUHpq8XhcuwE0IDeABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYpYbJ0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1I93El2lPjZx4jNcyAVHzTNSYykg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3685448bbd11fc1068d9ca86f059db1227513f3a1a22769e030bae45a26d83bc

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1g3548v11szq27s4e8antfrek2765b002nvdt0v52xgcm7cp32dky51xbts1ay6hmc0hjekr5e8xrzsdb4vsrkqcwrmg0cz9fj7z2d2rf1wrn9wyv6hjhp6q727mrkkwew3tqfyn8ss2geqch6wctstrz2k18d3yrmmgdp4x4zzh1h78762y9w0b8rnma7379nwayw6x5whv2pg5r933zwtejsnrsj4vqbfba8487pthqvfgj79h65rndf2rfxcy13w9pp9c71x4x6zpkxvnhth12esep9b43786z5r59mwqhbte67gx7p5yqedf2t5vdx79yscc2qkjek0qf2j2f2b2795nnx9hbe5sdjngrrw74cm4ft5j5fmrpa83h6hny977crcsf9008nzktjqwn8739pyps3ye9q96sd4j8cbc052dvsntg43skrhm8zw4dr686jgr28&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGp0UOwCKZb-3OJyTmLAPkJa0wAOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0JuNx3sOuOU3Tz258PPZQ--bzVpbxonUTlMnbypF_XTZygKfOxLfZYuzG74SZSM3kz_DdSfJFIWoF8AMxb0BQyITDZ0nxnxwIdzMZBlslCKrQNtzmfbaTCcyku8zDG38Xw1mGMSOEjOJtqsXT-bysHncurfEEF8UMR3cqzlruX-Qk3VNtMcpgZC0DmeiUS5a9mpbMj-smGfIBB4zrB7nGqwZJEaioDRnVVCKaLZoNrHOoCHmi0ugClMeKqH3ZlbEjQ_ly5DEKc1PbhtFenRO76RBV3PxF2CbDpRcxpA9AD75fsXqE0-r4gPlawJ1wqPcw6c8_zgTctga1hZYoF9FJV1tX6bzoF6sWP9yXa3nUHpq8XhcuwE0IDeABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYpYbJ0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1I93El2lPjZx4jNcyAVHzTNSYykg%26client%3Dca-pub-4766656075352824%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83b4791a8ca76ab8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:20:44 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 link.html Show response
track.webgains.com/ Frame ED51 2 KB
2 KB 199ms
83ms Script
text/html 13.41.26.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kp4bd722mejm81yenx875fyyq5ca10tey6r7ehevf03q2fzmjqjenwdqktqwy262ja7j86p3m5bmf5wvv12mmdh3d2nsmmncvdkqweab1z5fa1nkeyzzd8bnejvs96deptbrhjrgkyrmk7ed3dhm69c16vekrz9rffpwzre7fdhvc4p7030nr4xxrc9n6egns2m3rspvt34gvtdckspvhr4597w16cnfzqhb4cgvh168xvjgmkfbdxajm3nwda3s8ecp%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j7qapmvpbe50gecgw9cnb5ddk2jqdvf6767g4x2ejzehwf7akq433kepytwd2an91dyrkb6pyk2qbyf2qdw8a3s15d2y7f5z74s3jfyzcmnzm2q9ydg32mn5bhpwj77vmhs824as3gcfd8tpdc5gskn3xhdbdfcxpj1h30ykhgf95j8p8a9tr0j1vf48mmvnw0tx7k3etza9a1gn31gjhtdhetdfjnsq14f5yzs4ec6z3fqryjaxsk40axk7hn9ycbjmarw4j4xxg9m440t7b97%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCi7XcOwCKZcX7N6jJmLAPjdea2AeQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEoAJP0NcqJtg55nB97JQdWA9hOfZx658I9BM70u2wKuatPeCCl73oqHIJb06E8gPpkN78w_jwiJCk6TbTFuxURvadFFk735Y2Wk8ry37wu_gpweFbfdBKj-lJ-tIIO4v0OTu9mPDxbvjTi2Y9xfZNZ91EzZsMWYOuzzUbVnoVIUWOzB7Kj_vTOYmYjm8iIy2SN5ZE8lZJ0ZOLnhW94Avz7-O-S4JAcrsJsnmcofKH-CkGLwNCfgt78QsqaBx7sERWmeAsR7aRqkTj87b5tuUm6WkwqB3B41GcZ0SU9dVxwxmN76BUUw1KjlemuLbvQA8hYhLg0vVocKaWOWpXA2gAdauO-Z4iKFGjfb57ZL6YKal3NH9r_i6di2F3Ur7hak8L7IqABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljCzsjQz6uDA_oLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1x-587HaxUC_6pOl6qHjyOystF2w%252526client%25253Dca-pub-4766656075352824%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=120&d=600&e=&g=06b647365d674e1bad81df141eec0978%2F15389399129828522219&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844432&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7qapmvpbe50gecgw9cnb5ddk2jqdvf6767g4x2ejzehwf7akq433kepytwd2an91dyrkb6pyk2qbyf2qdw8a3s15d2y7f5z74s3jfyzcmnzm2q9ydg32mn5bhpwj77vmhs824as3gcfd8tpdc5gskn3xhdbdfcxpj1h30ykhgf95j8p8a9tr0j1vf48mmvnw0tx7k3etza9a1gn31gjhtdhetdfjnsq14f5yzs4ec6z3fqryjaxsk40axk7hn9ycbjmarw4j4xxg9m440t7b97%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCi7XcOwCKZcX7N6jJmLAPjdea2AeQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEoAJP0NcqJtg55nB97JQdWA9hOfZx658I9BM70u2wKuatPeCCl73oqHIJb06E8gPpkN78w_jwiJCk6TbTFuxURvadFFk735Y2Wk8ry37wu_gpweFbfdBKj-lJ-tIIO4v0OTu9mPDxbvjTi2Y9xfZNZ91EzZsMWYOuzzUbVnoVIUWOzB7Kj_vTOYmYjm8iIy2SN5ZE8lZJ0ZOLnhW94Avz7-O-S4JAcrsJsnmcofKH-CkGLwNCfgt78QsqaBx7sERWmeAsR7aRqkTj87b5tuUm6WkwqB3B41GcZ0SU9dVxwxmN76BUUw1KjlemuLbvQA8hYhLg0vVocKaWOWpXA2gAdauO-Z4iKFGjfb57ZL6YKal3NH9r_i6di2F3Ur7hak8L7IqABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljCzsjQz6uDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1x-587HaxUC_6pOl6qHjyOystF2w%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.26.165 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-26-165.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 27177fdd44784104db7b205bbb8d93235c59f28695cb17c2b191f0eed2da4b29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
last-modified: Mon, 25 Dec 2023 22:20:44 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 25 Dec 2023 22:21:44 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame DD0A 2 KB
2 KB 198ms
82ms Script
text/html 13.41.26.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1heh90z6wqdpkdr81wwkna9d4b5pexnjfq6scwfccx64369a7dr3a40mp8phwb2r3gknjcfgt53aqgqxap1ry54h7x3a7xh203fs4m099h3a8bs8zcr2vr26n5p1zqrj3j5qeyyqwyjfq625yyfkv85ex7r3579kc29cgsbsk7x6493bd6570ngwwe8zzvy2y05ha19q3bst4j1amxt04hkjr2atgrbskvxxk63b5t7brj7zrthvfr6a6tjf36qqc0z0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gy40w9tx9095cmnndrcgdeqngkpp0nj7pd3mpdkem9h83t4wjw9rrpbntcscr9zwzec4gqbj2j6zp3hhcmq7kt312y5zjy62re14410nbs5ctf1ygz81gd0vnjx340v643y3vdm6tjftgp02j9vyg1jxevpagq6qjk93qj4ep7hjrw84bw29vbb5sh76g87gstzwkcbtbvf7dba3kkex7ktew25va7w76t3xp1nkfskxqb9wyr4xqknjtnt9qq5kz5f8cf3v9tvs1t0qht17wms%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCkS20OwCKZYf7N9KI1wazjJq4AZDhgYRctqjCivACwI23ARABIABglaKkgrAHggEXY2EtcHViLTQ3NjY2NTYwNzUzNTI4MjTIAQmpAhFjhk5ReLI-qAMByAMCqgSZAk_Qc9zH2_Sz2GxxBDvhfUg5fnk2Q-IAdKxkGIR8ALGhKIfbcyr29s_2Rj5og1fDlZRepQNAjTSyZsIXKEqEX6SMuSfWqrK8z3KqRKdU4xadGQYzrmVNYv_jfW7jdsIEzHc-F_ZaeYxz9TLQ5DmXtatNOkguFdMVUhWvKF-_ODpnz3JD7ZDyJh7pNmlnLJ1FvFxap384kbk6OxYdfCJCRpB_DX8Hn_6eptLoozWo3oK_pfmeI9LOvTMLiG95FcuqZQlq7KIWVfAiRHI1yQKiiDkRl8BnfHCbEtSLiIoOeGsU8oQWC8GtyNByA2XNRH8LE-26QJC2l8mNH0XMLRtXUTcttcoaEZSxKxn0eFsADUHnNXLZkSWe30J1gAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl8rI0M-rgwP6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1952ya8fZ910P_mJoyi5pP1WtiJQ%252526client%25253Dca-pub-4766656075352824%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=e2eaa6b7231780b2f2b3870f08acc77d%2F5666372123874972876&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844431&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy40w9tx9095cmnndrcgdeqngkpp0nj7pd3mpdkem9h83t4wjw9rrpbntcscr9zwzec4gqbj2j6zp3hhcmq7kt312y5zjy62re14410nbs5ctf1ygz81gd0vnjx340v643y3vdm6tjftgp02j9vyg1jxevpagq6qjk93qj4ep7hjrw84bw29vbb5sh76g87gstzwkcbtbvf7dba3kkex7ktew25va7w76t3xp1nkfskxqb9wyr4xqknjtnt9qq5kz5f8cf3v9tvs1t0qht17wms%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkS20OwCKZYf7N9KI1wazjJq4AZDhgYRctqjCivACwI23ARABIABglaKkgrAHggEXY2EtcHViLTQ3NjY2NTYwNzUzNTI4MjTIAQmpAhFjhk5ReLI-qAMByAMCqgSZAk_Qc9zH2_Sz2GxxBDvhfUg5fnk2Q-IAdKxkGIR8ALGhKIfbcyr29s_2Rj5og1fDlZRepQNAjTSyZsIXKEqEX6SMuSfWqrK8z3KqRKdU4xadGQYzrmVNYv_jfW7jdsIEzHc-F_ZaeYxz9TLQ5DmXtatNOkguFdMVUhWvKF-_ODpnz3JD7ZDyJh7pNmlnLJ1FvFxap384kbk6OxYdfCJCRpB_DX8Hn_6eptLoozWo3oK_pfmeI9LOvTMLiG95FcuqZQlq7KIWVfAiRHI1yQKiiDkRl8BnfHCbEtSLiIoOeGsU8oQWC8GtyNByA2XNRH8LE-26QJC2l8mNH0XMLRtXUTcttcoaEZSxKxn0eFsADUHnNXLZkSWe30J1gAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl8rI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1952ya8fZ910P_mJoyi5pP1WtiJQ%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.26.165 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-26-165.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 5a4c74c8eee3163f81a733380cdb05df020139e50688b0dd517927cd7d82a2a0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
last-modified: Mon, 25 Dec 2023 22:20:44 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 25 Dec 2023 22:21:44 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 9741 115 KB
14 KB 35ms
35ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C23576&b=GjMSBfpfXwx9UKHeHGtPt31dHZSYTJ78sQVeB%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj%2CdE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=Vx4HwfmfDjJEfVHbHAtXC8j4cBSzTgbrUDJdX%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz%2CK1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=728&d=90&e=&g=ad23e113f62ea3fa4eb767672c96042c%2F4565384704278724705&i=25174%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844486&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9k4gy9s8say8kxpkefqswk01wasxs1e549r8zd3v4ejnv013h2aaqdfagxspemjsjhcmwp0cm690nha7cv0gpa7cdyh9k69309sc5shw6axrj1fvzxj1twfczfmbdapeb82ms4gt0r3bvdx2e1ygsa6t0wwv1xnhj5qfcg3tcfdm1mbs8abq5nc1s2bnh9hcmms8wp3kax8mz5t3enqbffjgkw3jp44gbkd64qsj2bzgcx7a812ncgb1njj5cvbffv2kx9m1dfczz31v8m1vmr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjabNOwCKZaHiN4vE9u8Pr7eS4AOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmQJP0GDVPx2-HIFJ4_DO5-AZ_Usvc1Ew0hF0ShpGECcspFxlQ6y-VX-86iEBa9ifQJ_bCcqFSwqY10bA9bzv_qgSUmSUZVwo1e1eA8kOzu1IgssZ_t5HtJYmmpZW8ZHNsXW4xWWv1o1bKb96jH-zNs0Z0H98ldBKn2DViwdPEeeZcOh8UFKp-aninbmIQ8EbRhsDrZ2mbnftNvWDgjFtvTDtRZsP9z4X2xtHhsQrdzUVX7F7MEUBck3jRbAy7fq5rthigWu4cvjq4OCg6YbiKcu6N6G7Ib8DgzwjAky94ehuO6FV2z8dKrK2to9PQAh95leMaVZhJAlukTxUh1BJ6Eo5UQUXE-6bP7FbaheVhlmgPxlxi8X0aeibnYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPvFyNDPq4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Sv86g3e0VJzP1tbgCWTF9HmFMcg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C23576&b=GjMSBfpfXwx9UKHeHGtPt31dHZSYTJ78sQVeB%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj%2CdE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=Vx4HwfmfDjJEfVHbHAtXC8j4cBSzTgbrUDJdX%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz%2CK1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=728&d=90&e=&g=ad23e113f62ea3fa4eb767672c96042c%2F4565384704278724705&i=25174%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844486&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9k4gy9s8say8kxpkefqswk01wasxs1e549r8zd3v4ejnv013h2aaqdfagxspemjsjhcmwp0cm690nha7cv0gpa7cdyh9k69309sc5shw6axrj1fvzxj1twfczfmbdapeb82ms4gt0r3bvdx2e1ygsa6t0wwv1xnhj5qfcg3tcfdm1mbs8abq5nc1s2bnh9hcmms8wp3kax8mz5t3enqbffjgkw3jp44gbkd64qsj2bzgcx7a812ncgb1njj5cvbffv2kx9m1dfczz31v8m1vmr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjabNOwCKZaHiN4vE9u8Pr7eS4AOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmQJP0GDVPx2-HIFJ4_DO5-AZ_Usvc1Ew0hF0ShpGECcspFxlQ6y-VX-86iEBa9ifQJ_bCcqFSwqY10bA9bzv_qgSUmSUZVwo1e1eA8kOzu1IgssZ_t5HtJYmmpZW8ZHNsXW4xWWv1o1bKb96jH-zNs0Z0H98ldBKn2DViwdPEeeZcOh8UFKp-aninbmIQ8EbRhsDrZ2mbnftNvWDgjFtvTDtRZsP9z4X2xtHhsQrdzUVX7F7MEUBck3jRbAy7fq5rthigWu4cvjq4OCg6YbiKcu6N6G7Ib8DgzwjAky94ehuO6FV2z8dKrK2to9PQAh95leMaVZhJAlukTxUh1BJ6Eo5UQUXE-6bP7FbaheVhlmgPxlxi8X0aeibnYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPvFyNDPq4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Sv86g3e0VJzP1tbgCWTF9HmFMcg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2313042
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fb7%2Fx1LNfmqMNkQAQ%2BHt2U6JlJZydmmr2YLU62UImR2GTz8oPqSIu9bKCSc57oaa2P24jgOLgR7avozjzdqvHUgrhbk3ZTiYPPEp6sWFsKcqvUYQpvJ81Bkz9K9cXQ%2BVx2fxmBiGGgk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 83b4791abcd76ab8-FRA
expires: Tue, 26 Dec 2023 22:20:44 GMT

GET
H3 200 F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
assets.ad4m.at/logo/ Frame 9741 9 KB
10 KB 36ms
36ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C23576&b=GjMSBfpfXwx9UKHeHGtPt31dHZSYTJ78sQVeB%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj%2CdE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=Vx4HwfmfDjJEfVHbHAtXC8j4cBSzTgbrUDJdX%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz%2CK1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=728&d=90&e=&g=ad23e113f62ea3fa4eb767672c96042c%2F4565384704278724705&i=25174%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844486&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9k4gy9s8say8kxpkefqswk01wasxs1e549r8zd3v4ejnv013h2aaqdfagxspemjsjhcmwp0cm690nha7cv0gpa7cdyh9k69309sc5shw6axrj1fvzxj1twfczfmbdapeb82ms4gt0r3bvdx2e1ygsa6t0wwv1xnhj5qfcg3tcfdm1mbs8abq5nc1s2bnh9hcmms8wp3kax8mz5t3enqbffjgkw3jp44gbkd64qsj2bzgcx7a812ncgb1njj5cvbffv2kx9m1dfczz31v8m1vmr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjabNOwCKZaHiN4vE9u8Pr7eS4AOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmQJP0GDVPx2-HIFJ4_DO5-AZ_Usvc1Ew0hF0ShpGECcspFxlQ6y-VX-86iEBa9ifQJ_bCcqFSwqY10bA9bzv_qgSUmSUZVwo1e1eA8kOzu1IgssZ_t5HtJYmmpZW8ZHNsXW4xWWv1o1bKb96jH-zNs0Z0H98ldBKn2DViwdPEeeZcOh8UFKp-aninbmIQ8EbRhsDrZ2mbnftNvWDgjFtvTDtRZsP9z4X2xtHhsQrdzUVX7F7MEUBck3jRbAy7fq5rthigWu4cvjq4OCg6YbiKcu6N6G7Ib8DgzwjAky94ehuO6FV2z8dKrK2to9PQAh95leMaVZhJAlukTxUh1BJ6Eo5UQUXE-6bP7FbaheVhlmgPxlxi8X0aeibnYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPvFyNDPq4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Sv86g3e0VJzP1tbgCWTF9HmFMcg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 428783
cf-polished: qual=85, origFmt=jpeg, origSize=13332
alt-svc: h3=":443"; ma=86400
content-length: 9604
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 17:02:02 GMT
server: cloudflare
etag: "23e86ef8ba51d351917574e3e8d33ca5"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrNx2h5TFSeFYXir%2FGg1UDClj%2FhUkLMUR7C2bS1QRcNqj3i7jlUODCHwqwCpoMQDY4wbPlYdM52gOZ1oJyp%2BtTKg2RxHbFwE2R1nwyhGg26nCyjwbjIxZbrwQvninDOBF22KbOokhhjy7dbG"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791abcd86ab8-FRA

GET
H3 200 BE6DC3223230068E9577E01057A3B7B2EF16298C4CB50492A156BC698A0B935475C050BE8658A2EEFAFF80ECE4CCAAFC1E82AC22B24DC4054F36591D448FD712
assets.ad4m.at/ Frame 9741 28 KB
29 KB 42ms
42ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/BE6DC3223230068E9577E01057A3B7B2EF16298C4CB50492A156BC698A0B935475C050BE8658A2EEFAFF80ECE4CCAAFC1E82AC22B24DC4054F36591D448FD712
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C23576&b=GjMSBfpfXwx9UKHeHGtPt31dHZSYTJ78sQVeB%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj%2CdE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=Vx4HwfmfDjJEfVHbHAtXC8j4cBSzTgbrUDJdX%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz%2CK1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=728&d=90&e=&g=ad23e113f62ea3fa4eb767672c96042c%2F4565384704278724705&i=25174%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844486&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9k4gy9s8say8kxpkefqswk01wasxs1e549r8zd3v4ejnv013h2aaqdfagxspemjsjhcmwp0cm690nha7cv0gpa7cdyh9k69309sc5shw6axrj1fvzxj1twfczfmbdapeb82ms4gt0r3bvdx2e1ygsa6t0wwv1xnhj5qfcg3tcfdm1mbs8abq5nc1s2bnh9hcmms8wp3kax8mz5t3enqbffjgkw3jp44gbkd64qsj2bzgcx7a812ncgb1njj5cvbffv2kx9m1dfczz31v8m1vmr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjabNOwCKZaHiN4vE9u8Pr7eS4AOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmQJP0GDVPx2-HIFJ4_DO5-AZ_Usvc1Ew0hF0ShpGECcspFxlQ6y-VX-86iEBa9ifQJ_bCcqFSwqY10bA9bzv_qgSUmSUZVwo1e1eA8kOzu1IgssZ_t5HtJYmmpZW8ZHNsXW4xWWv1o1bKb96jH-zNs0Z0H98ldBKn2DViwdPEeeZcOh8UFKp-aninbmIQ8EbRhsDrZ2mbnftNvWDgjFtvTDtRZsP9z4X2xtHhsQrdzUVX7F7MEUBck3jRbAy7fq5rthigWu4cvjq4OCg6YbiKcu6N6G7Ib8DgzwjAky94ehuO6FV2z8dKrK2to9PQAh95leMaVZhJAlukTxUh1BJ6Eo5UQUXE-6bP7FbaheVhlmgPxlxi8X0aeibnYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPvFyNDPq4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Sv86g3e0VJzP1tbgCWTF9HmFMcg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 013c46bb69056b44df46c3a4d22b3b4ec4eb52aa2d8253019988ffe1494caf7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2227132
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 28954
cf-bgj: imgq:85,h2pri
last-modified: Thu, 23 Nov 2023 07:58:31 GMT
server: cloudflare
etag: "85b2952dc2f72512aefd9f8454909e82"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EaKBzub4kvgX0CKQKwQOT28%2Fl92hYww1W4E1KGeU1LVhrqCV4n26LtzghEj2vp%2B%2F5F1JZU1av7kT0Fiiad7DGQIPVbrehcPaRL928aQ9%2FPmdh3mnb%2FoMOl5SYeRbc5MKipOAKOGfgb6%2BuUGc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791abcda6ab8-FRA

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 9741
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMXY9tDPq4MDFVgXVQgdjCYJAw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidGjMSBfpfXwx9UKHeHGtPt31dHZSYTJ78sQVeBoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703542844_d8c41640-a373-11ee-bd07-2236e1f32b64

0
549 B

76ms
16ms

Image
text/plain

87.118.116.9
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703542844_d8c41640-a373-11ee-bd07-2236e1f32b64
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C23576&b=GjMSBfpfXwx9UKHeHGtPt31dHZSYTJ78sQVeB%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj%2CdE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=Vx4HwfmfDjJEfVHbHAtXC8j4cBSzTgbrUDJdX%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz%2CK1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=728&d=90&e=&g=ad23e113f62ea3fa4eb767672c96042c%2F4565384704278724705&i=25174%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844486&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9k4gy9s8say8kxpkefqswk01wasxs1e549r8zd3v4ejnv013h2aaqdfagxspemjsjhcmwp0cm690nha7cv0gpa7cdyh9k69309sc5shw6axrj1fvzxj1twfczfmbdapeb82ms4gt0r3bvdx2e1ygsa6t0wwv1xnhj5qfcg3tcfdm1mbs8abq5nc1s2bnh9hcmms8wp3kax8mz5t3enqbffjgkw3jp44gbkd64qsj2bzgcx7a812ncgb1njj5cvbffv2kx9m1dfczz31v8m1vmr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjabNOwCKZaHiN4vE9u8Pr7eS4AOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmQJP0GDVPx2-HIFJ4_DO5-AZ_Usvc1Ew0hF0ShpGECcspFxlQ6y-VX-86iEBa9ifQJ_bCcqFSwqY10bA9bzv_qgSUmSUZVwo1e1eA8kOzu1IgssZ_t5HtJYmmpZW8ZHNsXW4xWWv1o1bKb96jH-zNs0Z0H98ldBKn2DViwdPEeeZcOh8UFKp-aninbmIQ8EbRhsDrZ2mbnftNvWDgjFtvTDtRZsP9z4X2xtHhsQrdzUVX7F7MEUBck3jRbAy7fq5rthigWu4cvjq4OCg6YbiKcu6N6G7Ib8DgzwjAky94ehuO6FV2z8dKrK2to9PQAh95leMaVZhJAlukTxUh1BJ6Eo5UQUXE-6bP7FbaheVhlmgPxlxi8X0aeibnYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPvFyNDPq4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Sv86g3e0VJzP1tbgCWTF9HmFMcg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: km36617.keymachine.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Dec 2023 22:20:43 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Mon, 25 Dec 2023 22:20:44 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703542844_d8c41640-a373-11ee-bd07-2236e1f32b64
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
assets.ad4m.at/logo/ Frame 9741 10 KB
10 KB 62ms
61ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C23576&b=GjMSBfpfXwx9UKHeHGtPt31dHZSYTJ78sQVeB%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj%2CdE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=Vx4HwfmfDjJEfVHbHAtXC8j4cBSzTgbrUDJdX%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz%2CK1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=728&d=90&e=&g=ad23e113f62ea3fa4eb767672c96042c%2F4565384704278724705&i=25174%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844486&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9k4gy9s8say8kxpkefqswk01wasxs1e549r8zd3v4ejnv013h2aaqdfagxspemjsjhcmwp0cm690nha7cv0gpa7cdyh9k69309sc5shw6axrj1fvzxj1twfczfmbdapeb82ms4gt0r3bvdx2e1ygsa6t0wwv1xnhj5qfcg3tcfdm1mbs8abq5nc1s2bnh9hcmms8wp3kax8mz5t3enqbffjgkw3jp44gbkd64qsj2bzgcx7a812ncgb1njj5cvbffv2kx9m1dfczz31v8m1vmr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjabNOwCKZaHiN4vE9u8Pr7eS4AOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmQJP0GDVPx2-HIFJ4_DO5-AZ_Usvc1Ew0hF0ShpGECcspFxlQ6y-VX-86iEBa9ifQJ_bCcqFSwqY10bA9bzv_qgSUmSUZVwo1e1eA8kOzu1IgssZ_t5HtJYmmpZW8ZHNsXW4xWWv1o1bKb96jH-zNs0Z0H98ldBKn2DViwdPEeeZcOh8UFKp-aninbmIQ8EbRhsDrZ2mbnftNvWDgjFtvTDtRZsP9z4X2xtHhsQrdzUVX7F7MEUBck3jRbAy7fq5rthigWu4cvjq4OCg6YbiKcu6N6G7Ib8DgzwjAky94ehuO6FV2z8dKrK2to9PQAh95leMaVZhJAlukTxUh1BJ6Eo5UQUXE-6bP7FbaheVhlmgPxlxi8X0aeibnYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPvFyNDPq4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Sv86g3e0VJzP1tbgCWTF9HmFMcg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 436865
cf-polished: origFmt=png, origSize=10653
alt-svc: h3=":443"; ma=86400
content-length: 9924
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Nov 2023 11:11:38 GMT
server: cloudflare
etag: "ca1cf24fc82b7541b262f0d4b15a8100"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GeAn2HtLdQiK%2FDiAyaHhrvpMsPTS5LXahlCvQVUtM%2FXNApVbFBoAdp80kwtuDmcJZZHZXnMw4SLtEhPKAX2n1FsYWtW6tWdgGPxq62cqkuSvE0uJ0lhxLQYUIr0ryfjvsBQUQg3k11rnHxd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791abcdb6ab8-FRA

GET
H3 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 9741 28 KB
28 KB 37ms
36ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C23576&b=GjMSBfpfXwx9UKHeHGtPt31dHZSYTJ78sQVeB%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj%2CdE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=Vx4HwfmfDjJEfVHbHAtXC8j4cBSzTgbrUDJdX%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz%2CK1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=728&d=90&e=&g=ad23e113f62ea3fa4eb767672c96042c%2F4565384704278724705&i=25174%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844486&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9k4gy9s8say8kxpkefqswk01wasxs1e549r8zd3v4ejnv013h2aaqdfagxspemjsjhcmwp0cm690nha7cv0gpa7cdyh9k69309sc5shw6axrj1fvzxj1twfczfmbdapeb82ms4gt0r3bvdx2e1ygsa6t0wwv1xnhj5qfcg3tcfdm1mbs8abq5nc1s2bnh9hcmms8wp3kax8mz5t3enqbffjgkw3jp44gbkd64qsj2bzgcx7a812ncgb1njj5cvbffv2kx9m1dfczz31v8m1vmr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjabNOwCKZaHiN4vE9u8Pr7eS4AOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmQJP0GDVPx2-HIFJ4_DO5-AZ_Usvc1Ew0hF0ShpGECcspFxlQ6y-VX-86iEBa9ifQJ_bCcqFSwqY10bA9bzv_qgSUmSUZVwo1e1eA8kOzu1IgssZ_t5HtJYmmpZW8ZHNsXW4xWWv1o1bKb96jH-zNs0Z0H98ldBKn2DViwdPEeeZcOh8UFKp-aninbmIQ8EbRhsDrZ2mbnftNvWDgjFtvTDtRZsP9z4X2xtHhsQrdzUVX7F7MEUBck3jRbAy7fq5rthigWu4cvjq4OCg6YbiKcu6N6G7Ib8DgzwjAky94ehuO6FV2z8dKrK2to9PQAh95leMaVZhJAlukTxUh1BJ6Eo5UQUXE-6bP7FbaheVhlmgPxlxi8X0aeibnYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPvFyNDPq4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Sv86g3e0VJzP1tbgCWTF9HmFMcg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc0b8445f80ad134748d7c83953db4326302247a34ba6fa2239b61836930842

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2313736
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 28452
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:10:32 GMT
server: cloudflare
etag: "ad60aab65075d58e4390c75c7ea7b04e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rAYjAoBm55Y9hkUEpzQE4s9OsaLmialRpLiTNueFoYNO4Aa4Ob74IPSnsmKZ5VwRnUFL8PSMPBsBrq1LR4p7JldyOBO2rgaGxq2kug5MThKDZ5lagC1sUCWeugGjHNLM5Iico35%2BJN4ToUS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791abcdc6ab8-FRA

GET
H3 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 9741 8 KB
8 KB 66ms
65ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C23576&b=GjMSBfpfXwx9UKHeHGtPt31dHZSYTJ78sQVeB%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj%2CdE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=Vx4HwfmfDjJEfVHbHAtXC8j4cBSzTgbrUDJdX%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz%2CK1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=728&d=90&e=&g=ad23e113f62ea3fa4eb767672c96042c%2F4565384704278724705&i=25174%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844486&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9k4gy9s8say8kxpkefqswk01wasxs1e549r8zd3v4ejnv013h2aaqdfagxspemjsjhcmwp0cm690nha7cv0gpa7cdyh9k69309sc5shw6axrj1fvzxj1twfczfmbdapeb82ms4gt0r3bvdx2e1ygsa6t0wwv1xnhj5qfcg3tcfdm1mbs8abq5nc1s2bnh9hcmms8wp3kax8mz5t3enqbffjgkw3jp44gbkd64qsj2bzgcx7a812ncgb1njj5cvbffv2kx9m1dfczz31v8m1vmr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjabNOwCKZaHiN4vE9u8Pr7eS4AOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmQJP0GDVPx2-HIFJ4_DO5-AZ_Usvc1Ew0hF0ShpGECcspFxlQ6y-VX-86iEBa9ifQJ_bCcqFSwqY10bA9bzv_qgSUmSUZVwo1e1eA8kOzu1IgssZ_t5HtJYmmpZW8ZHNsXW4xWWv1o1bKb96jH-zNs0Z0H98ldBKn2DViwdPEeeZcOh8UFKp-aninbmIQ8EbRhsDrZ2mbnftNvWDgjFtvTDtRZsP9z4X2xtHhsQrdzUVX7F7MEUBck3jRbAy7fq5rthigWu4cvjq4OCg6YbiKcu6N6G7Ib8DgzwjAky94ehuO6FV2z8dKrK2to9PQAh95leMaVZhJAlukTxUh1BJ6Eo5UQUXE-6bP7FbaheVhlmgPxlxi8X0aeibnYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPvFyNDPq4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Sv86g3e0VJzP1tbgCWTF9HmFMcg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 429191
cf-polished: qual=85, origFmt=jpeg, origSize=12951
alt-svc: h3=":443"; ma=86400
content-length: 7758
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Oct 2023 22:22:01 GMT
server: cloudflare
etag: "12e3523b35b31c7ddfe7c77dcdb14a34"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8H%2FRHRFZVgOAXVADME42%2B9MddZzrfZGbYYtIRwHcgGiAkl%2Bcg8qZbAdSJnwDQVWf3wsF1FfIQD5nAq7GVfOHT058Z%2BlIm4ZfdZ3Vg4vDY%2FXX04gL2nQMrXEK1kk0djUMFpOXxOFqYoH7ITY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791abcdf6ab8-FRA

GET
H3 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 9741 20 KB
21 KB 72ms
71ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C23576&b=GjMSBfpfXwx9UKHeHGtPt31dHZSYTJ78sQVeB%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj%2CdE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=Vx4HwfmfDjJEfVHbHAtXC8j4cBSzTgbrUDJdX%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz%2CK1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=728&d=90&e=&g=ad23e113f62ea3fa4eb767672c96042c%2F4565384704278724705&i=25174%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844486&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9k4gy9s8say8kxpkefqswk01wasxs1e549r8zd3v4ejnv013h2aaqdfagxspemjsjhcmwp0cm690nha7cv0gpa7cdyh9k69309sc5shw6axrj1fvzxj1twfczfmbdapeb82ms4gt0r3bvdx2e1ygsa6t0wwv1xnhj5qfcg3tcfdm1mbs8abq5nc1s2bnh9hcmms8wp3kax8mz5t3enqbffjgkw3jp44gbkd64qsj2bzgcx7a812ncgb1njj5cvbffv2kx9m1dfczz31v8m1vmr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjabNOwCKZaHiN4vE9u8Pr7eS4AOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmQJP0GDVPx2-HIFJ4_DO5-AZ_Usvc1Ew0hF0ShpGECcspFxlQ6y-VX-86iEBa9ifQJ_bCcqFSwqY10bA9bzv_qgSUmSUZVwo1e1eA8kOzu1IgssZ_t5HtJYmmpZW8ZHNsXW4xWWv1o1bKb96jH-zNs0Z0H98ldBKn2DViwdPEeeZcOh8UFKp-aninbmIQ8EbRhsDrZ2mbnftNvWDgjFtvTDtRZsP9z4X2xtHhsQrdzUVX7F7MEUBck3jRbAy7fq5rthigWu4cvjq4OCg6YbiKcu6N6G7Ib8DgzwjAky94ehuO6FV2z8dKrK2to9PQAh95leMaVZhJAlukTxUh1BJ6Eo5UQUXE-6bP7FbaheVhlmgPxlxi8X0aeibnYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPvFyNDPq4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Sv86g3e0VJzP1tbgCWTF9HmFMcg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8be82f349b2994d7f0ed7fcba5e50ffb8a960f135e513b34730af4578cab9883

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 440851
cf-polished: qual=85, origFmt=jpeg, origSize=23329
alt-svc: h3=":443"; ma=86400
content-length: 20802
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 Oct 2023 16:54:32 GMT
server: cloudflare
etag: "e320c43993ae8577c544483e96756c59"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hsj%2FUeb2yrhzC%2FhfQE8EctJD4%2BXSeQYSAWw15uWcN%2F0biDbn3UkaiECjYsIb5P7VFgKkK1X7M8Ks5nQgVWb5Ydx6W2tdtVHwyyLhUbqQYA2gqfouynWl9jyT9NK4%2FSOKfnx1OUDcT6hWwYHV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791abce06ab8-FRA

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 9741
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKXa9tDPq4MDFTAnVQgdBXUCzw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023122523204491637156139X120211V1226132702MSviewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite...

49 B
1 KB

162ms
39ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023122523204491637156139X120211V1226132702MSviewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&cons=0&spid=2023122523204491637156139X120211V1226132702MSviewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C23576&b=GjMSBfpfXwx9UKHeHGtPt31dHZSYTJ78sQVeB%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj%2CdE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=Vx4HwfmfDjJEfVHbHAtXC8j4cBSzTgbrUDJdX%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz%2CK1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=728&d=90&e=&g=ad23e113f62ea3fa4eb767672c96042c%2F4565384704278724705&i=25174%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844486&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9k4gy9s8say8kxpkefqswk01wasxs1e549r8zd3v4ejnv013h2aaqdfagxspemjsjhcmwp0cm690nha7cv0gpa7cdyh9k69309sc5shw6axrj1fvzxj1twfczfmbdapeb82ms4gt0r3bvdx2e1ygsa6t0wwv1xnhj5qfcg3tcfdm1mbs8abq5nc1s2bnh9hcmms8wp3kax8mz5t3enqbffjgkw3jp44gbkd64qsj2bzgcx7a812ncgb1njj5cvbffv2kx9m1dfczz31v8m1vmr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjabNOwCKZaHiN4vE9u8Pr7eS4AOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmQJP0GDVPx2-HIFJ4_DO5-AZ_Usvc1Ew0hF0ShpGECcspFxlQ6y-VX-86iEBa9ifQJ_bCcqFSwqY10bA9bzv_qgSUmSUZVwo1e1eA8kOzu1IgssZ_t5HtJYmmpZW8ZHNsXW4xWWv1o1bKb96jH-zNs0Z0H98ldBKn2DViwdPEeeZcOh8UFKp-aninbmIQ8EbRhsDrZ2mbnftNvWDgjFtvTDtRZsP9z4X2xtHhsQrdzUVX7F7MEUBck3jRbAy7fq5rthigWu4cvjq4OCg6YbiKcu6N6G7Ib8DgzwjAky94ehuO6FV2z8dKrK2to9PQAh95leMaVZhJAlukTxUh1BJ6Eo5UQUXE-6bP7FbaheVhlmgPxlxi8X0aeibnYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPvFyNDPq4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Sv86g3e0VJzP1tbgCWTF9HmFMcg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:20:45 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023122523204491637156139X120211V1226132702MSviewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&cons=0&spid=2023122523204491637156139X120211V1226132702MSviewoneiddE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&wfid=120211&partnerid=12218
date: Mon, 25 Dec 2023 22:20:44 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame BD8A 115 KB
14 KB 69ms
68ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197100%2C765%2C199445&b=ADYaYfqf2VJXsAHRH4tktMMGsRS4TRrAH3JMm%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfGzwYCkHwH3tQt4dYF9SzTYMAhB3zZ&f=MxGHzfrfjepBCWHEHGtQC661tBS4Txr1CE2g7%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfP65ZHxH5HYt9C6ZmH6S4TGD4HEzJ5&c=160&d=600&e=&g=2740e1c93a0954c841ded5be661aa4a0%2F6236052650347061060&i=20773%2C1676%2C30890&j=14%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844509&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jky0g48whp12nezg6retbkm88jjfak3vhh4fynt25gg20tn5n8xtfrwegza89yhkcbws6ggxws3tzzym2a8qj28gs9y838gj21tc70znkhfhdg9kg9bbstkgxgwrrfsx3kfh820p4pdtrmhy07p9c4n9ww8mm7vf2e44w754cghhrr08cmdjw9k8wgfwmda2pmfvx6d48cqy91zxtvr44cphyad1py95hvy8vk9132ctcd89qrxyajpasdn64dh1dp5gj9mh2rj60e4xj1d6qhm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGp0UOwCKZb-3OJyTmLAPkJa0wAOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0JuNx3sOuOU3Tz258PPZQ--bzVpbxonUTlMnbypF_XTZygKfOxLfZYuzG74SZSM3kz_DdSfJFIWoF8AMxb0BQyITDZ0nxnxwIdzMZBlslCKrQNtzmfbaTCcyku8zDG38Xw1mGMSOEjOJtqsXT-bysHncurfEEF8UMR3cqzlruX-Qk3VNtMcpgZC0DmeiUS5a9mpbMj-smGfIBB4zrB7nGqwZJEaioDRnVVCKaLZoNrHOoCHmi0ugClMeKqH3ZlbEjQ_ly5DEKc1PbhtFenRO76RBV3PxF2CbDpRcxpA9AD75fsXqE0-r4gPlawJ1wqPcw6c8_zgTctga1hZYoF9FJV1tX6bzoF6sWP9yXa3nUHpq8XhcuwE0IDeABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYpYbJ0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1I93El2lPjZx4jNcyAVHzTNSYykg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197100%2C765%2C199445&b=ADYaYfqf2VJXsAHRH4tktMMGsRS4TRrAH3JMm%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfGzwYCkHwH3tQt4dYF9SzTYMAhB3zZ&f=MxGHzfrfjepBCWHEHGtQC661tBS4Txr1CE2g7%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfP65ZHxH5HYt9C6ZmH6S4TGD4HEzJ5&c=160&d=600&e=&g=2740e1c93a0954c841ded5be661aa4a0%2F6236052650347061060&i=20773%2C1676%2C30890&j=14%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844509&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jky0g48whp12nezg6retbkm88jjfak3vhh4fynt25gg20tn5n8xtfrwegza89yhkcbws6ggxws3tzzym2a8qj28gs9y838gj21tc70znkhfhdg9kg9bbstkgxgwrrfsx3kfh820p4pdtrmhy07p9c4n9ww8mm7vf2e44w754cghhrr08cmdjw9k8wgfwmda2pmfvx6d48cqy91zxtvr44cphyad1py95hvy8vk9132ctcd89qrxyajpasdn64dh1dp5gj9mh2rj60e4xj1d6qhm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGp0UOwCKZb-3OJyTmLAPkJa0wAOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0JuNx3sOuOU3Tz258PPZQ--bzVpbxonUTlMnbypF_XTZygKfOxLfZYuzG74SZSM3kz_DdSfJFIWoF8AMxb0BQyITDZ0nxnxwIdzMZBlslCKrQNtzmfbaTCcyku8zDG38Xw1mGMSOEjOJtqsXT-bysHncurfEEF8UMR3cqzlruX-Qk3VNtMcpgZC0DmeiUS5a9mpbMj-smGfIBB4zrB7nGqwZJEaioDRnVVCKaLZoNrHOoCHmi0ugClMeKqH3ZlbEjQ_ly5DEKc1PbhtFenRO76RBV3PxF2CbDpRcxpA9AD75fsXqE0-r4gPlawJ1wqPcw6c8_zgTctga1hZYoF9FJV1tX6bzoF6sWP9yXa3nUHpq8XhcuwE0IDeABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYpYbJ0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1I93El2lPjZx4jNcyAVHzTNSYykg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2313042
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quAhvINxvNypg9Zeu9ENKvnhzepsxJm7pE2CFDMoxIHMTMCbJ9daH3fEQDOwt%2FkGU8iXvvwb9G0UCZ5cZfpaFswyMHg22yH5kQ7kJXOK14%2BB8eo4Jbn3OVX%2BYV442BK%2B%2BUnOtIG5iXk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 83b4791adcf66ab8-FRA
expires: Tue, 26 Dec 2023 22:20:44 GMT

GET
H3 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame BD8A 4 KB
4 KB 70ms
70ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197100%2C765%2C199445&b=ADYaYfqf2VJXsAHRH4tktMMGsRS4TRrAH3JMm%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfGzwYCkHwH3tQt4dYF9SzTYMAhB3zZ&f=MxGHzfrfjepBCWHEHGtQC661tBS4Txr1CE2g7%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfP65ZHxH5HYt9C6ZmH6S4TGD4HEzJ5&c=160&d=600&e=&g=2740e1c93a0954c841ded5be661aa4a0%2F6236052650347061060&i=20773%2C1676%2C30890&j=14%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844509&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jky0g48whp12nezg6retbkm88jjfak3vhh4fynt25gg20tn5n8xtfrwegza89yhkcbws6ggxws3tzzym2a8qj28gs9y838gj21tc70znkhfhdg9kg9bbstkgxgwrrfsx3kfh820p4pdtrmhy07p9c4n9ww8mm7vf2e44w754cghhrr08cmdjw9k8wgfwmda2pmfvx6d48cqy91zxtvr44cphyad1py95hvy8vk9132ctcd89qrxyajpasdn64dh1dp5gj9mh2rj60e4xj1d6qhm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGp0UOwCKZb-3OJyTmLAPkJa0wAOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0JuNx3sOuOU3Tz258PPZQ--bzVpbxonUTlMnbypF_XTZygKfOxLfZYuzG74SZSM3kz_DdSfJFIWoF8AMxb0BQyITDZ0nxnxwIdzMZBlslCKrQNtzmfbaTCcyku8zDG38Xw1mGMSOEjOJtqsXT-bysHncurfEEF8UMR3cqzlruX-Qk3VNtMcpgZC0DmeiUS5a9mpbMj-smGfIBB4zrB7nGqwZJEaioDRnVVCKaLZoNrHOoCHmi0ugClMeKqH3ZlbEjQ_ly5DEKc1PbhtFenRO76RBV3PxF2CbDpRcxpA9AD75fsXqE0-r4gPlawJ1wqPcw6c8_zgTctga1hZYoF9FJV1tX6bzoF6sWP9yXa3nUHpq8XhcuwE0IDeABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYpYbJ0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1I93El2lPjZx4jNcyAVHzTNSYykg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edf1f567fd0e29d5899e287541a1623601c1b33cea621dbe80eaefbbaea28ff1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 431220
cf-polished: origFmt=png, origSize=4006
alt-svc: h3=":443"; ma=86400
content-length: 3690
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 06:54:50 GMT
server: cloudflare
etag: "22de341e7cd2b7cc34bb6862e6295571"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jlBJYqOCB%2Fk6Rw1Z36508YOVsna2giyQYAKtQisKlqXEuQ1UW5g%2F88KQ0t%2BQaK5AxajrbfvLPMD2blNTc2tybdn%2FlYJVWHk4ItVJy78j7DWL1pw7lnxEoQHqkIN022X2dxZ36B5xe0Lzfnt"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791adcf96ab8-FRA

GET
H3 200 889802724ADCE2146F48FCE7EC90F6CD108DAFCC62496C95A873616DDD732ECF548D8CB44A350646AF2A651EB681F65353F68EF16A780A6B502FA5C548449E34
assets.ad4m.at/ Frame BD8A 17 KB
18 KB 71ms
71ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/889802724ADCE2146F48FCE7EC90F6CD108DAFCC62496C95A873616DDD732ECF548D8CB44A350646AF2A651EB681F65353F68EF16A780A6B502FA5C548449E34
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197100%2C765%2C199445&b=ADYaYfqf2VJXsAHRH4tktMMGsRS4TRrAH3JMm%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfGzwYCkHwH3tQt4dYF9SzTYMAhB3zZ&f=MxGHzfrfjepBCWHEHGtQC661tBS4Txr1CE2g7%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfP65ZHxH5HYt9C6ZmH6S4TGD4HEzJ5&c=160&d=600&e=&g=2740e1c93a0954c841ded5be661aa4a0%2F6236052650347061060&i=20773%2C1676%2C30890&j=14%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844509&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jky0g48whp12nezg6retbkm88jjfak3vhh4fynt25gg20tn5n8xtfrwegza89yhkcbws6ggxws3tzzym2a8qj28gs9y838gj21tc70znkhfhdg9kg9bbstkgxgwrrfsx3kfh820p4pdtrmhy07p9c4n9ww8mm7vf2e44w754cghhrr08cmdjw9k8wgfwmda2pmfvx6d48cqy91zxtvr44cphyad1py95hvy8vk9132ctcd89qrxyajpasdn64dh1dp5gj9mh2rj60e4xj1d6qhm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGp0UOwCKZb-3OJyTmLAPkJa0wAOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0JuNx3sOuOU3Tz258PPZQ--bzVpbxonUTlMnbypF_XTZygKfOxLfZYuzG74SZSM3kz_DdSfJFIWoF8AMxb0BQyITDZ0nxnxwIdzMZBlslCKrQNtzmfbaTCcyku8zDG38Xw1mGMSOEjOJtqsXT-bysHncurfEEF8UMR3cqzlruX-Qk3VNtMcpgZC0DmeiUS5a9mpbMj-smGfIBB4zrB7nGqwZJEaioDRnVVCKaLZoNrHOoCHmi0ugClMeKqH3ZlbEjQ_ly5DEKc1PbhtFenRO76RBV3PxF2CbDpRcxpA9AD75fsXqE0-r4gPlawJ1wqPcw6c8_zgTctga1hZYoF9FJV1tX6bzoF6sWP9yXa3nUHpq8XhcuwE0IDeABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYpYbJ0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1I93El2lPjZx4jNcyAVHzTNSYykg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48ec683dddd9075b02220a4d04658adeccf2dd597735da6ea45fe8f705bb195f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 435951
cf-polished: qual=85, origFmt=jpeg, origSize=20580
alt-svc: h3=":443"; ma=86400
content-length: 17900
cf-bgj: imgq:85,h2pri
last-modified: Wed, 06 Dec 2023 08:22:48 GMT
server: cloudflare
etag: "8b72f81254ef5865f57f21d9ced58b5a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNnM4ZwdbikWUGlgm%2B%2B%2Bs0cj%2FQOYfec7i%2F4HB2LFWcHMlwE%2F3M41bW%2FS5w1sdd%2Bcalnb77j3ryJKj6wzeiVhfJxzxwgoDq3NK%2BVR%2Fqtxw3m6nOmic0rDyIxGpxOxocq9xs2kiEi7PnKsNVfm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791adcfb6ab8-FRA

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame BD8A
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CPfc9tDPq4MDFS2c_QcdTcsCQA;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=viewoneidADYaYfqf2VJXsAHRH4tktMMGsRS4TRrAH3JMmoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=viewoneidADYaYfqf2VJXsAHRH4tktMMGsRS4TRrAH3JMmoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023122523204491637156141X117663V1225131106MSviewoneidADYaYfqf2VJXsAHRH4tktMMGsRS4TRrAH3JMmoneid__suite_...

49 B
1 KB

136ms
50ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023122523204491637156141X117663V1225131106MSviewoneidADYaYfqf2VJXsAHRH4tktMMGsRS4TRrAH3JMmoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197100%2C765%2C199445&b=ADYaYfqf2VJXsAHRH4tktMMGsRS4TRrAH3JMm%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfGzwYCkHwH3tQt4dYF9SzTYMAhB3zZ&f=MxGHzfrfjepBCWHEHGtQC661tBS4Txr1CE2g7%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfP65ZHxH5HYt9C6ZmH6S4TGD4HEzJ5&c=160&d=600&e=&g=2740e1c93a0954c841ded5be661aa4a0%2F6236052650347061060&i=20773%2C1676%2C30890&j=14%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844509&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jky0g48whp12nezg6retbkm88jjfak3vhh4fynt25gg20tn5n8xtfrwegza89yhkcbws6ggxws3tzzym2a8qj28gs9y838gj21tc70znkhfhdg9kg9bbstkgxgwrrfsx3kfh820p4pdtrmhy07p9c4n9ww8mm7vf2e44w754cghhrr08cmdjw9k8wgfwmda2pmfvx6d48cqy91zxtvr44cphyad1py95hvy8vk9132ctcd89qrxyajpasdn64dh1dp5gj9mh2rj60e4xj1d6qhm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGp0UOwCKZb-3OJyTmLAPkJa0wAOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0JuNx3sOuOU3Tz258PPZQ--bzVpbxonUTlMnbypF_XTZygKfOxLfZYuzG74SZSM3kz_DdSfJFIWoF8AMxb0BQyITDZ0nxnxwIdzMZBlslCKrQNtzmfbaTCcyku8zDG38Xw1mGMSOEjOJtqsXT-bysHncurfEEF8UMR3cqzlruX-Qk3VNtMcpgZC0DmeiUS5a9mpbMj-smGfIBB4zrB7nGqwZJEaioDRnVVCKaLZoNrHOoCHmi0ugClMeKqH3ZlbEjQ_ly5DEKc1PbhtFenRO76RBV3PxF2CbDpRcxpA9AD75fsXqE0-r4gPlawJ1wqPcw6c8_zgTctga1hZYoF9FJV1tX6bzoF6sWP9yXa3nUHpq8XhcuwE0IDeABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYpYbJ0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1I93El2lPjZx4jNcyAVHzTNSYykg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:20:45 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023122523204491637156141X117663V1225131106MSviewoneidADYaYfqf2VJXsAHRH4tktMMGsRS4TRrAH3JMmoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&cons=0
date: Mon, 25 Dec 2023 22:20:44 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
assets.ad4m.at/logo/ Frame BD8A 6 KB
6 KB 71ms
71ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197100%2C765%2C199445&b=ADYaYfqf2VJXsAHRH4tktMMGsRS4TRrAH3JMm%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfGzwYCkHwH3tQt4dYF9SzTYMAhB3zZ&f=MxGHzfrfjepBCWHEHGtQC661tBS4Txr1CE2g7%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfP65ZHxH5HYt9C6ZmH6S4TGD4HEzJ5&c=160&d=600&e=&g=2740e1c93a0954c841ded5be661aa4a0%2F6236052650347061060&i=20773%2C1676%2C30890&j=14%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844509&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jky0g48whp12nezg6retbkm88jjfak3vhh4fynt25gg20tn5n8xtfrwegza89yhkcbws6ggxws3tzzym2a8qj28gs9y838gj21tc70znkhfhdg9kg9bbstkgxgwrrfsx3kfh820p4pdtrmhy07p9c4n9ww8mm7vf2e44w754cghhrr08cmdjw9k8wgfwmda2pmfvx6d48cqy91zxtvr44cphyad1py95hvy8vk9132ctcd89qrxyajpasdn64dh1dp5gj9mh2rj60e4xj1d6qhm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGp0UOwCKZb-3OJyTmLAPkJa0wAOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0JuNx3sOuOU3Tz258PPZQ--bzVpbxonUTlMnbypF_XTZygKfOxLfZYuzG74SZSM3kz_DdSfJFIWoF8AMxb0BQyITDZ0nxnxwIdzMZBlslCKrQNtzmfbaTCcyku8zDG38Xw1mGMSOEjOJtqsXT-bysHncurfEEF8UMR3cqzlruX-Qk3VNtMcpgZC0DmeiUS5a9mpbMj-smGfIBB4zrB7nGqwZJEaioDRnVVCKaLZoNrHOoCHmi0ugClMeKqH3ZlbEjQ_ly5DEKc1PbhtFenRO76RBV3PxF2CbDpRcxpA9AD75fsXqE0-r4gPlawJ1wqPcw6c8_zgTctga1hZYoF9FJV1tX6bzoF6sWP9yXa3nUHpq8XhcuwE0IDeABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYpYbJ0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1I93El2lPjZx4jNcyAVHzTNSYykg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40803f6727061b25fdffeca62b391f51e86f4656ec71f6748e70adb24e4ef2a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 433410
cf-polished: origFmt=png, origSize=12441
alt-svc: h3=":443"; ma=86400
content-length: 5676
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:47:18 GMT
server: cloudflare
etag: "db74c4d3f2426619eeab7362f8f8e9a4"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pVfiLMnD7zxpWjGu%2BMwRh9t4CHDyX%2FTzdK4gp%2F%2B0vwx%2FZXr1c76M2FhAQH9JuNimNDx7cguTqvNyk%2Fd7xNQedLhElEfRSfe%2FAXFusj4HsmsE14%2FH9FRanU2kdlTXw1DbUdCqe4o6jlgTOB3M"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791adcfd6ab8-FRA

GET
H3 200 9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
assets.ad4m.at/product_image/ Frame BD8A 35 KB
36 KB 72ms
71ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197100%2C765%2C199445&b=ADYaYfqf2VJXsAHRH4tktMMGsRS4TRrAH3JMm%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfGzwYCkHwH3tQt4dYF9SzTYMAhB3zZ&f=MxGHzfrfjepBCWHEHGtQC661tBS4Txr1CE2g7%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfP65ZHxH5HYt9C6ZmH6S4TGD4HEzJ5&c=160&d=600&e=&g=2740e1c93a0954c841ded5be661aa4a0%2F6236052650347061060&i=20773%2C1676%2C30890&j=14%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844509&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jky0g48whp12nezg6retbkm88jjfak3vhh4fynt25gg20tn5n8xtfrwegza89yhkcbws6ggxws3tzzym2a8qj28gs9y838gj21tc70znkhfhdg9kg9bbstkgxgwrrfsx3kfh820p4pdtrmhy07p9c4n9ww8mm7vf2e44w754cghhrr08cmdjw9k8wgfwmda2pmfvx6d48cqy91zxtvr44cphyad1py95hvy8vk9132ctcd89qrxyajpasdn64dh1dp5gj9mh2rj60e4xj1d6qhm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGp0UOwCKZb-3OJyTmLAPkJa0wAOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0JuNx3sOuOU3Tz258PPZQ--bzVpbxonUTlMnbypF_XTZygKfOxLfZYuzG74SZSM3kz_DdSfJFIWoF8AMxb0BQyITDZ0nxnxwIdzMZBlslCKrQNtzmfbaTCcyku8zDG38Xw1mGMSOEjOJtqsXT-bysHncurfEEF8UMR3cqzlruX-Qk3VNtMcpgZC0DmeiUS5a9mpbMj-smGfIBB4zrB7nGqwZJEaioDRnVVCKaLZoNrHOoCHmi0ugClMeKqH3ZlbEjQ_ly5DEKc1PbhtFenRO76RBV3PxF2CbDpRcxpA9AD75fsXqE0-r4gPlawJ1wqPcw6c8_zgTctga1hZYoF9FJV1tX6bzoF6sWP9yXa3nUHpq8XhcuwE0IDeABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYpYbJ0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1I93El2lPjZx4jNcyAVHzTNSYykg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f121a336589baa8e4e36ff8e08c70847b57ad8545b693a2e4e96a0fbda38e42a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1059689
cf-polished: qual=85, origFmt=jpeg, origSize=36074
alt-svc: h3=":443"; ma=86400
content-length: 36044
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 06:27:23 GMT
server: cloudflare
etag: "7850b9052be937f41ce82bc92c12f968"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MROeGWZ1BiGZfE73xPNCfRWklclQ1mX%2B3kDUI3DhuoARvPOCVmusFMGMq0fYq9YOp24l7sEXeJJkiZYr4ZVvXLGuO3eCcKc3RO2vdZfNO50WTcTd9Njps5sOIOoFOi3PwPyAfih9OdSdvakD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791adcfe6ab8-FRA

GET
H2 200 view
t.adcell.com/p/ Frame BD8A 42 B
459 B 134ms
59ms Image
image/gif 2a02:cb40:200::242
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.adcell.com/p/view?promoId=164800&slotId=46690&pv=1&subId=oneid7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1joneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197100%2C765%2C199445&b=ADYaYfqf2VJXsAHRH4tktMMGsRS4TRrAH3JMm%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfGzwYCkHwH3tQt4dYF9SzTYMAhB3zZ&f=MxGHzfrfjepBCWHEHGtQC661tBS4Txr1CE2g7%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfP65ZHxH5HYt9C6ZmH6S4TGD4HEzJ5&c=160&d=600&e=&g=2740e1c93a0954c841ded5be661aa4a0%2F6236052650347061060&i=20773%2C1676%2C30890&j=14%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844509&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jky0g48whp12nezg6retbkm88jjfak3vhh4fynt25gg20tn5n8xtfrwegza89yhkcbws6ggxws3tzzym2a8qj28gs9y838gj21tc70znkhfhdg9kg9bbstkgxgwrrfsx3kfh820p4pdtrmhy07p9c4n9ww8mm7vf2e44w754cghhrr08cmdjw9k8wgfwmda2pmfvx6d48cqy91zxtvr44cphyad1py95hvy8vk9132ctcd89qrxyajpasdn64dh1dp5gj9mh2rj60e4xj1d6qhm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGp0UOwCKZb-3OJyTmLAPkJa0wAOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0JuNx3sOuOU3Tz258PPZQ--bzVpbxonUTlMnbypF_XTZygKfOxLfZYuzG74SZSM3kz_DdSfJFIWoF8AMxb0BQyITDZ0nxnxwIdzMZBlslCKrQNtzmfbaTCcyku8zDG38Xw1mGMSOEjOJtqsXT-bysHncurfEEF8UMR3cqzlruX-Qk3VNtMcpgZC0DmeiUS5a9mpbMj-smGfIBB4zrB7nGqwZJEaioDRnVVCKaLZoNrHOoCHmi0ugClMeKqH3ZlbEjQ_ly5DEKc1PbhtFenRO76RBV3PxF2CbDpRcxpA9AD75fsXqE0-r4gPlawJ1wqPcw6c8_zgTctga1hZYoF9FJV1tX6bzoF6sWP9yXa3nUHpq8XhcuwE0IDeABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYpYbJ0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1I93El2lPjZx4jNcyAVHzTNSYykg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

Software

myracloud /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
strict-transport-security: max-age=15768000
last-modified: Wed, 11 Jan 2006 12:59:00 GMT
server: myracloud
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 42
expires: Sat, 11 Jan 2003 12:59:00 GMT

GET
H3 200 410F9B8729DCCB6529D4265EDE0A8D14768C8A9944E520488DC77FE5BFF69557C6B7A7E11D1C112626794DFE8AD8E81809BE12539B53971F9EA7978EF8E85069
assets.ad4m.at/logo/ Frame BD8A 4 KB
5 KB 74ms
73ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/410F9B8729DCCB6529D4265EDE0A8D14768C8A9944E520488DC77FE5BFF69557C6B7A7E11D1C112626794DFE8AD8E81809BE12539B53971F9EA7978EF8E85069
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197100%2C765%2C199445&b=ADYaYfqf2VJXsAHRH4tktMMGsRS4TRrAH3JMm%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfGzwYCkHwH3tQt4dYF9SzTYMAhB3zZ&f=MxGHzfrfjepBCWHEHGtQC661tBS4Txr1CE2g7%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfP65ZHxH5HYt9C6ZmH6S4TGD4HEzJ5&c=160&d=600&e=&g=2740e1c93a0954c841ded5be661aa4a0%2F6236052650347061060&i=20773%2C1676%2C30890&j=14%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844509&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jky0g48whp12nezg6retbkm88jjfak3vhh4fynt25gg20tn5n8xtfrwegza89yhkcbws6ggxws3tzzym2a8qj28gs9y838gj21tc70znkhfhdg9kg9bbstkgxgwrrfsx3kfh820p4pdtrmhy07p9c4n9ww8mm7vf2e44w754cghhrr08cmdjw9k8wgfwmda2pmfvx6d48cqy91zxtvr44cphyad1py95hvy8vk9132ctcd89qrxyajpasdn64dh1dp5gj9mh2rj60e4xj1d6qhm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGp0UOwCKZb-3OJyTmLAPkJa0wAOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0JuNx3sOuOU3Tz258PPZQ--bzVpbxonUTlMnbypF_XTZygKfOxLfZYuzG74SZSM3kz_DdSfJFIWoF8AMxb0BQyITDZ0nxnxwIdzMZBlslCKrQNtzmfbaTCcyku8zDG38Xw1mGMSOEjOJtqsXT-bysHncurfEEF8UMR3cqzlruX-Qk3VNtMcpgZC0DmeiUS5a9mpbMj-smGfIBB4zrB7nGqwZJEaioDRnVVCKaLZoNrHOoCHmi0ugClMeKqH3ZlbEjQ_ly5DEKc1PbhtFenRO76RBV3PxF2CbDpRcxpA9AD75fsXqE0-r4gPlawJ1wqPcw6c8_zgTctga1hZYoF9FJV1tX6bzoF6sWP9yXa3nUHpq8XhcuwE0IDeABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYpYbJ0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1I93El2lPjZx4jNcyAVHzTNSYykg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9d687403a888b690e8483af6169d3de1f0f052396edf8fc25078eae056e6180

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 434609
cf-polished: origFmt=png, origSize=5793
alt-svc: h3=":443"; ma=86400
content-length: 4226
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:45:22 GMT
server: cloudflare
etag: "5ee1925a9ba68dabc0123652922954de"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtMcftp3rAQdW464oiV35T5Mst6HdZeZMFW%2Bx9xb7KZ%2FYzqDNcPwt4hwKqdf9FlSqxYGjfO%2Ft8Uhtidh%2FJ5d25koLIPiertQqfMxrTCNEcyeA4Q%2BvX4%2FycyB1%2FvTS1W69qEKVKDnRqRfSNIz"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791add006ab8-FRA

GET
H3 200 53F01CC3E9AA51F77B4A486F9C89312C6BE459B3CEDFEC07EDF759CC4D841F8B95329EBAE76CB77EFAEBFD0E1B9BBB671E23D12E8E30017A684429A77A34135C
assets.ad4m.at/ Frame BD8A 31 KB
31 KB 74ms
74ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/53F01CC3E9AA51F77B4A486F9C89312C6BE459B3CEDFEC07EDF759CC4D841F8B95329EBAE76CB77EFAEBFD0E1B9BBB671E23D12E8E30017A684429A77A34135C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197100%2C765%2C199445&b=ADYaYfqf2VJXsAHRH4tktMMGsRS4TRrAH3JMm%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CRx3HgfQfGzwYCkHwH3tQt4dYF9SzTYMAhB3zZ&f=MxGHzfrfjepBCWHEHGtQC661tBS4Txr1CE2g7%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CQxWH4fjfP65ZHxH5HYt9C6ZmH6S4TGD4HEzJ5&c=160&d=600&e=&g=2740e1c93a0954c841ded5be661aa4a0%2F6236052650347061060&i=20773%2C1676%2C30890&j=14%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844509&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jky0g48whp12nezg6retbkm88jjfak3vhh4fynt25gg20tn5n8xtfrwegza89yhkcbws6ggxws3tzzym2a8qj28gs9y838gj21tc70znkhfhdg9kg9bbstkgxgwrrfsx3kfh820p4pdtrmhy07p9c4n9ww8mm7vf2e44w754cghhrr08cmdjw9k8wgfwmda2pmfvx6d48cqy91zxtvr44cphyad1py95hvy8vk9132ctcd89qrxyajpasdn64dh1dp5gj9mh2rj60e4xj1d6qhm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGp0UOwCKZb-3OJyTmLAPkJa0wAOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0JuNx3sOuOU3Tz258PPZQ--bzVpbxonUTlMnbypF_XTZygKfOxLfZYuzG74SZSM3kz_DdSfJFIWoF8AMxb0BQyITDZ0nxnxwIdzMZBlslCKrQNtzmfbaTCcyku8zDG38Xw1mGMSOEjOJtqsXT-bysHncurfEEF8UMR3cqzlruX-Qk3VNtMcpgZC0DmeiUS5a9mpbMj-smGfIBB4zrB7nGqwZJEaioDRnVVCKaLZoNrHOoCHmi0ugClMeKqH3ZlbEjQ_ly5DEKc1PbhtFenRO76RBV3PxF2CbDpRcxpA9AD75fsXqE0-r4gPlawJ1wqPcw6c8_zgTctga1hZYoF9FJV1tX6bzoF6sWP9yXa3nUHpq8XhcuwE0IDeABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYpYbJ0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1I93El2lPjZx4jNcyAVHzTNSYykg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80f50929d3405fe521ed603dc6bb8fae7967b1cc0c527d07f9e1f32cd1e54d35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2315480
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 31447
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 13:12:21 GMT
server: cloudflare
etag: "8e94f34854f878ed3f2dc00ced543e82"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQaMu1b1ppQpJb%2F7Zmkr4tr%2BffUegaocaAjyi0Eycn6sTByxZ4I%2B9H%2FjSaOseYP1m7pWRZikxk4qPeptwSGQHZlwKvz2Zh3Kk%2BbmekSMUaxAWg0QkynHWWlYwmjnLOb64r6wsIEInguP1FDy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791add026ab8-FRA

GET
H2

200

htlp
www.guenther.de/ Frame BD8A
Redirect Chain

https://www.awin1.com/cshow.php?s=2527593&v=14063&q=365261&r=412871&pv=1&pref3=oneidRx3HgfQfGzwYCkHwH3tQt4dYF9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.guenther.de/htlp?awc=14063_412871_1703542844_d8b32650-a373-11ee-9488-2234841a3abe

0
481 B

208ms
134ms

Image
text/html

37.208.110.235
UVENSYS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.guenther.de/htlp?awc=14063_412871_1703542844_d8b32650-a373-11ee-9488-2234841a3abe

Requested by

Protocol

Server

37.208.110.235 , Germany, ASN58010 (UVENSYS, DE),

Reverse DNS

web01.g-direct.de

Software

nginx / pimcore

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
server: nginx
x-powered-by: pimcore
content-language: de
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate, private
x-pimcore-output-cache-disable-reason: Session in use
expires: Mon, 25 Dec 2023 22:20:44 GMT

Redirect headers

Date: Mon, 25 Dec 2023 22:20:44 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.guenther.de/htlp?awc=14063_412871_1703542844_d8b32650-a373-11ee-9488-2234841a3abe
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 429 link.html
track.webgains.com/ Frame 9741 0
0 104ms
51ms Script
text/html 13.41.26.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&wgprogramid=265645&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jrcs2h8en2ymb7s4fdx9jxdxwt8ka7q60mv481s1k4zxh55wj2s0szjyyy46z31at9x8r7dp8ffv3rkv4xk6zt1gcag15pw6kwxamc37fxa371e7htewzh026pqmvt5jcewd01zyqh4vwnmj5e26aedm8s0th96etfa7bwt43w15thw04sj5m4bgxwvd86tn84yrxq3vjn4fgnzrzqr0rws4rmhhe8jzcp5cnt1qsd7q4k77baxnwmqgvvegs8zevkg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g9k4gy9s8say8kxpkefqswk01wasxs1e549r8zd3v4ejnv013h2aaqdfagxspemjsjhcmwp0cm690nha7cv0gpa7cdyh9k69309sc5shw6axrj1fvzxj1twfczfmbdapeb82ms4gt0r3bvdx2e1ygsa6t0wwv1xnhj5qfcg3tcfdm1mbs8abq5nc1s2bnh9hcmms8wp3kax8mz5t3enqbffjgkw3jp44gbkd64qsj2bzgcx7a812ncgb1njj5cvbffv2kx9m1dfczz31v8m1vmr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjabNOwCKZaHiN4vE9u8Pr7eS4AOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmQJP0GDVPx2-HIFJ4_DO5-AZ_Usvc1Ew0hF0ShpGECcspFxlQ6y-VX-86iEBa9ifQJ_bCcqFSwqY10bA9bzv_qgSUmSUZVwo1e1eA8kOzu1IgssZ_t5HtJYmmpZW8ZHNsXW4xWWv1o1bKb96jH-zNs0Z0H98ldBKn2DViwdPEeeZcOh8UFKp-aninbmIQ8EbRhsDrZ2mbnftNvWDgjFtvTDtRZsP9z4X2xtHhsQrdzUVX7F7MEUBck3jRbAy7fq5rthigWu4cvjq4OCg6YbiKcu6N6G7Ib8DgzwjAky94ehuO6FV2z8dKrK2to9PQAh95leMaVZhJAlukTxUh1BJ6Eo5UQUXE-6bP7FbaheVhlmgPxlxi8X0aeibnYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPvFyNDPq4MD-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3Sv86g3e0VJzP1tbgCWTF9HmFMcg%252526client%25253Dca-pub-4766656075352824%252526adurl%25253D&clickref=oneidDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAzoneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneide7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrjoneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C23576&b=GjMSBfpfXwx9UKHeHGtPt31dHZSYTJ78sQVeB%2Ce7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrj%2CdE7HEfkf8x8cEHjHwtEtbbrfeS4T59ATgVmM&f=Vx4HwfmfDjJEfVHbHAtXC8j4cBSzTgbrUDJdX%2CDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAz%2CK1mCRfZfjwju5HMHktzCBB4C7SAT84Jtp2Qx&c=728&d=90&e=&g=ad23e113f62ea3fa4eb767672c96042c%2F4565384704278724705&i=25174%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844486&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9k4gy9s8say8kxpkefqswk01wasxs1e549r8zd3v4ejnv013h2aaqdfagxspemjsjhcmwp0cm690nha7cv0gpa7cdyh9k69309sc5shw6axrj1fvzxj1twfczfmbdapeb82ms4gt0r3bvdx2e1ygsa6t0wwv1xnhj5qfcg3tcfdm1mbs8abq5nc1s2bnh9hcmms8wp3kax8mz5t3enqbffjgkw3jp44gbkd64qsj2bzgcx7a812ncgb1njj5cvbffv2kx9m1dfczz31v8m1vmr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjabNOwCKZaHiN4vE9u8Pr7eS4AOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmQJP0GDVPx2-HIFJ4_DO5-AZ_Usvc1Ew0hF0ShpGECcspFxlQ6y-VX-86iEBa9ifQJ_bCcqFSwqY10bA9bzv_qgSUmSUZVwo1e1eA8kOzu1IgssZ_t5HtJYmmpZW8ZHNsXW4xWWv1o1bKb96jH-zNs0Z0H98ldBKn2DViwdPEeeZcOh8UFKp-aninbmIQ8EbRhsDrZ2mbnftNvWDgjFtvTDtRZsP9z4X2xtHhsQrdzUVX7F7MEUBck3jRbAy7fq5rthigWu4cvjq4OCg6YbiKcu6N6G7Ib8DgzwjAky94ehuO6FV2z8dKrK2to9PQAh95leMaVZhJAlukTxUh1BJ6Eo5UQUXE-6bP7FbaheVhlmgPxlxi8X0aeibnYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPvFyNDPq4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3Sv86g3e0VJzP1tbgCWTF9HmFMcg%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.26.165 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-26-165.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 9988 9 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paranaturismo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 65017
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 04:17:07 GMT
etag: 5585625838579639069
expires: Mon, 08 Jan 2024 04:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 8B15 9 KB
4 KB 22ms
22ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paranaturismo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 65017
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 04:17:07 GMT
etag: 5585625838579639069
expires: Mon, 08 Jan 2024 04:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 9B19 2 KB
3 KB 46ms
46ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gwcr6yx0q1xerbgnsyp1twbe0kjg5p7519jnx12j06frmmkhcm27ewy854xnqp4x3eaykhzgggcnyja02wxtp0gcdedh1w836cpe6pqx3x5q72wqd15fthksz5ks383na938x6wz03bbm6mvr956vtjgcp24rd461q9rf721d8kkp1a6xr5622b0ws32qw5a2x7kpeaadz91s043ae3c373xj1ypgw90cyfnnp67496z5nk3r8ske5d1c8bhhqd17fjgdty98mdkn09hn0k783ka28414n9rwf8d30w5t07em4c8x3gm1x2sk8vdmj9x6s970pbazrqa5qqm5nx6tsta9sfrzpnt2dh9rq13kh99hk8g3m33sjtx9wxc7pban2gkdkbs5mwxvvm94wscj196dm0e7awwezh9c73g9vk9q9jjvd8sz4hp2fmcj22cdr3k0e9wg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJfYPOwCKZZahOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0PeFROxOycK6Lmg_9VNKzI37mkkFnPw5tkewQEqCTQB5-yOt_KniiqJUPQZQKHNkCw_xiMre7MYeDTVgTviyGvfhGj0GqeAWCJ5PhftflEDoaxIo4sK6wmUXsJb-HXxXSQw-ozGRHi-iE4MGgWg4BdZLsdAXvahCSA_EnUAL-LROdBSrU5pmNuev0Bq1NvnAtFTXX9Z1OirN_I_aNmAxYlmATtCXluw_SwLBr0_tfSnjyWxl5iZ5p-UU-7Cmtdw-NgaXHfjFtBk3PPPCQuQ6JSC6yx0DvIWfsbVUDqkmK0aWf7dYmTRZIwXZV3KE3DOABSdgB042HvDdqn6ZYobLvKCLcC6feZEf3FOlAvYnFNisvBc7670RbY2ABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3O8J_IwTbI3GueqlCiVCuHUfW8aQ%26client%3Dca-pub-4766656075352824%26adurl%3D

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdac3fe6194360ac819c83f48b5118d17fdbbe71a3797c169c64e729a8ae610e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83b4791bbdc86ab8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:20:44 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 487F 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5925
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 20:41:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 740B 1 KB
643 B 22ms
22ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6050
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Tue, 26 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 487F 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 01:54:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 487F 203 KB
64 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 22:20:44 GMT

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 71C5 2 KB
3 KB 49ms
49ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1g4r0eb7vebnwvddsfz11p6mdym2wfnyw5pvwd6wb2x8jj18d66edn134k5ay006gcsx2yvnzwt8y3p6g2c0aw98p3h9aw17hqz30k9q5nt995ds8aj0xqvwbnx4s34bqvgwxgkc1tym2fag57yjczsbys4cqwsen63pfm2dn85bwp623exgm2rt6em2dpz1rj4j0633ntdckbvpsf4zqsje66bthsvbtrfa3gd7m4aqhx3ptwem71e1tv3a1ntgsx1t6jv8b22eh2853rmvd6ycqcstcp89wytmc34jbdm8h6c47bwc464fnxjc4fprfhyhcfnpg7tqnj0krsj4qpg3zd55z57dhnpwsv7gva181z6s9j49ds430546srdc1c4cesezkhv9ff2ahqbw0x5serrqagr5403gjsvt2zsk80s1hxtk2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiU42OwCKZZehOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0FvycjXe_1kHWtTjnYzqJVCrL7kx4yJ1nz6rFPReUkBkYz2zeBkzLjJsWJZ5Alcq3gOhWHpRFnpBnjLbSUI_n6puaG8zbdqUwFdx6u5okiXjrpFKatyooi9ZzEBaPEYmBgxw8dAvoWl2uqmNPfDyXbswgNfDNe_qZOWW9jJbzDoNY7-FHLNAGjz3E2Zp9zB3b0u4GvxGZFQnuonsUdnL5cCs1oWGnKFuljvPUkUFSPD-qZKriQEcsJzTCOzTSutUGMadUJNSmM1qNC8N4TopYV4abgAc-u7QmqGj_R_DzkWQtg_TTLMBEbuTLJ8qAdjGxd5W7WV-kQ-Q9-8fh4tEgum0fr9r0GG5xQWrJvLy5Y80gHa4DklJhlSABujT1d-Jy93T1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_15sxHpokwjHNY7Qy8d3lcCdRcVUA%26client%3Dca-pub-4766656075352824%26adurl%3D

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d714f5906b6828c8e3906cca2da6502f21660da54a9caabd2db962097fd8c863

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83b4791bdde86ab8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:20:44 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6C9B 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5925
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 20:41:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C5DA 1 KB
643 B 24ms
24ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6050
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Tue, 26 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6C9B 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 01:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6C9B 0
0 33ms
33ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSKhnUusG-qxjDuOoe2d4wAihgDCxKUCxgiyHKkSXSKtRhqTEytA7fAX66CBJGG-oCtTGHvW_-u2_3HzXizz0q74eL0xQ
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6C9B 203 KB
64 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 22:20:44 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame DD0A 53 KB
19 KB 109ms
32ms Script
application/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1heh90z6wqdpkdr81wwkna9d4b5pexnjfq6scwfccx64369a7dr3a40mp8phwb2r3gknjcfgt53aqgqxap1ry54h7x3a7xh203fs4m099h3a8bs8zcr2vr26n5p1zqrj3j5qeyyqwyjfq625yyfkv85ex7r3579kc29cgsbsk7x6493bd6570ngwwe8zzvy2y05ha19q3bst4j1amxt04hkjr2atgrbskvxxk63b5t7brj7zrthvfr6a6tjf36qqc0z0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gy40w9tx9095cmnndrcgdeqngkpp0nj7pd3mpdkem9h83t4wjw9rrpbntcscr9zwzec4gqbj2j6zp3hhcmq7kt312y5zjy62re14410nbs5ctf1ygz81gd0vnjx340v643y3vdm6tjftgp02j9vyg1jxevpagq6qjk93qj4ep7hjrw84bw29vbb5sh76g87gstzwkcbtbvf7dba3kkex7ktew25va7w76t3xp1nkfskxqb9wyr4xqknjtnt9qq5kz5f8cf3v9tvs1t0qht17wms%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCkS20OwCKZYf7N9KI1wazjJq4AZDhgYRctqjCivACwI23ARABIABglaKkgrAHggEXY2EtcHViLTQ3NjY2NTYwNzUzNTI4MjTIAQmpAhFjhk5ReLI-qAMByAMCqgSZAk_Qc9zH2_Sz2GxxBDvhfUg5fnk2Q-IAdKxkGIR8ALGhKIfbcyr29s_2Rj5og1fDlZRepQNAjTSyZsIXKEqEX6SMuSfWqrK8z3KqRKdU4xadGQYzrmVNYv_jfW7jdsIEzHc-F_ZaeYxz9TLQ5DmXtatNOkguFdMVUhWvKF-_ODpnz3JD7ZDyJh7pNmlnLJ1FvFxap384kbk6OxYdfCJCRpB_DX8Hn_6eptLoozWo3oK_pfmeI9LOvTMLiG95FcuqZQlq7KIWVfAiRHI1yQKiiDkRl8BnfHCbEtSLiIoOeGsU8oQWC8GtyNByA2XNRH8LE-26QJC2l8mNH0XMLRtXUTcttcoaEZSxKxn0eFsADUHnNXLZkSWe30J1gAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl8rI0M-rgwP6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1952ya8fZ910P_mJoyi5pP1WtiJQ%252526client%25253Dca-pub-4766656075352824%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 01:58:54 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
last-modified: Sat, 09 Dec 2023 12:01:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 73311
etag: W/"1180a1bfee0aad979766ecd6180b923e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: JIB-VN1GIuEU00CO7iD9YNq6CAxUogBa8vjZQuLdvUDtm5PXRu4fWg==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame DD0A 15 KB
15 KB 162ms
53ms Image
image/png 52.84.45.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1703543144&Signature=ikzRk8weFb5wRt-gV5DG9E3CvIPYJ1b4vFgmoT65uGwnKwHog-Ax2Qwh6ERw4sCKiIwCYHVlu-diK~Fo1ybVSci8ExUhh46fFds~n9TYkBEjOO32mXRRsMDRTIP47MO0V5URzR3kg0sbu19OBqWfUVw5jN4N7vfDZCr~aufpcbuemO8Dza2qmN-MfNrrIV1ZVmI6oEcDXxzpKnUzcKmFLFAgqlj1D7oZ7hHgGMGXyQAhJMpHFTBeDtkGwWny3q8PVeZUtRfaY9-377i9qo0dNzrZ2m~-Awb3Wucjw41DX5jeii5kHG3-8GiKi69s6zn8wQlhOnBUHb5a189~XLZs1g__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=e2eaa6b7231780b2f2b3870f08acc77d%2F5666372123874972876&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844431&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gy40w9tx9095cmnndrcgdeqngkpp0nj7pd3mpdkem9h83t4wjw9rrpbntcscr9zwzec4gqbj2j6zp3hhcmq7kt312y5zjy62re14410nbs5ctf1ygz81gd0vnjx340v643y3vdm6tjftgp02j9vyg1jxevpagq6qjk93qj4ep7hjrw84bw29vbb5sh76g87gstzwkcbtbvf7dba3kkex7ktew25va7w76t3xp1nkfskxqb9wyr4xqknjtnt9qq5kz5f8cf3v9tvs1t0qht17wms%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkS20OwCKZYf7N9KI1wazjJq4AZDhgYRctqjCivACwI23ARABIABglaKkgrAHggEXY2EtcHViLTQ3NjY2NTYwNzUzNTI4MjTIAQmpAhFjhk5ReLI-qAMByAMCqgSZAk_Qc9zH2_Sz2GxxBDvhfUg5fnk2Q-IAdKxkGIR8ALGhKIfbcyr29s_2Rj5og1fDlZRepQNAjTSyZsIXKEqEX6SMuSfWqrK8z3KqRKdU4xadGQYzrmVNYv_jfW7jdsIEzHc-F_ZaeYxz9TLQ5DmXtatNOkguFdMVUhWvKF-_ODpnz3JD7ZDyJh7pNmlnLJ1FvFxap384kbk6OxYdfCJCRpB_DX8Hn_6eptLoozWo3oK_pfmeI9LOvTMLiG95FcuqZQlq7KIWVfAiRHI1yQKiiDkRl8BnfHCbEtSLiIoOeGsU8oQWC8GtyNByA2XNRH8LE-26QJC2l8mNH0XMLRtXUTcttcoaEZSxKxn0eFsADUHnNXLZkSWe30J1gAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl8rI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1952ya8fZ910P_mJoyi5pP1WtiJQ%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.45.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-45-100.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 25 Dec 2023 13:28:53 GMT
via: 1.1 51f76c8cc795edfca51e07563f87887c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: MRS52-P1
age: 31950
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: 2niSLj3NdAxJK05XPa-F8BGjgqMiYQAF0CL7gHAUvY1VnBM67-ceMw==

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame ED51 53 KB
19 KB 105ms
28ms Script
application/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kp4bd722mejm81yenx875fyyq5ca10tey6r7ehevf03q2fzmjqjenwdqktqwy262ja7j86p3m5bmf5wvv12mmdh3d2nsmmncvdkqweab1z5fa1nkeyzzd8bnejvs96deptbrhjrgkyrmk7ed3dhm69c16vekrz9rffpwzre7fdhvc4p7030nr4xxrc9n6egns2m3rspvt34gvtdckspvhr4597w16cnfzqhb4cgvh168xvjgmkfbdxajm3nwda3s8ecp%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j7qapmvpbe50gecgw9cnb5ddk2jqdvf6767g4x2ejzehwf7akq433kepytwd2an91dyrkb6pyk2qbyf2qdw8a3s15d2y7f5z74s3jfyzcmnzm2q9ydg32mn5bhpwj77vmhs824as3gcfd8tpdc5gskn3xhdbdfcxpj1h30ykhgf95j8p8a9tr0j1vf48mmvnw0tx7k3etza9a1gn31gjhtdhetdfjnsq14f5yzs4ec6z3fqryjaxsk40axk7hn9ycbjmarw4j4xxg9m440t7b97%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCi7XcOwCKZcX7N6jJmLAPjdea2AeQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEoAJP0NcqJtg55nB97JQdWA9hOfZx658I9BM70u2wKuatPeCCl73oqHIJb06E8gPpkN78w_jwiJCk6TbTFuxURvadFFk735Y2Wk8ry37wu_gpweFbfdBKj-lJ-tIIO4v0OTu9mPDxbvjTi2Y9xfZNZ91EzZsMWYOuzzUbVnoVIUWOzB7Kj_vTOYmYjm8iIy2SN5ZE8lZJ0ZOLnhW94Avz7-O-S4JAcrsJsnmcofKH-CkGLwNCfgt78QsqaBx7sERWmeAsR7aRqkTj87b5tuUm6WkwqB3B41GcZ0SU9dVxwxmN76BUUw1KjlemuLbvQA8hYhLg0vVocKaWOWpXA2gAdauO-Z4iKFGjfb57ZL6YKal3NH9r_i6di2F3Ur7hak8L7IqABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljCzsjQz6uDA_oLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1x-587HaxUC_6pOl6qHjyOystF2w%252526client%25253Dca-pub-4766656075352824%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 01:58:54 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
last-modified: Sat, 09 Dec 2023 12:01:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 73311
etag: W/"1180a1bfee0aad979766ecd6180b923e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 23P0aAU-Ax2p-i1cXzuIOngj_LRhxX26-2pMHUB57xwofihYFKEeyA==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame ED51 15 KB
15 KB 154ms
46ms Image
image/png 52.84.45.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1703543144&Signature=ikzRk8weFb5wRt-gV5DG9E3CvIPYJ1b4vFgmoT65uGwnKwHog-Ax2Qwh6ERw4sCKiIwCYHVlu-diK~Fo1ybVSci8ExUhh46fFds~n9TYkBEjOO32mXRRsMDRTIP47MO0V5URzR3kg0sbu19OBqWfUVw5jN4N7vfDZCr~aufpcbuemO8Dza2qmN-MfNrrIV1ZVmI6oEcDXxzpKnUzcKmFLFAgqlj1D7oZ7hHgGMGXyQAhJMpHFTBeDtkGwWny3q8PVeZUtRfaY9-377i9qo0dNzrZ2m~-Awb3Wucjw41DX5jeii5kHG3-8GiKi69s6zn8wQlhOnBUHb5a189~XLZs1g__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kp4bd722mejm81yenx875fyyq5ca10tey6r7ehevf03q2fzmjqjenwdqktqwy262ja7j86p3m5bmf5wvv12mmdh3d2nsmmncvdkqweab1z5fa1nkeyzzd8bnejvs96deptbrhjrgkyrmk7ed3dhm69c16vekrz9rffpwzre7fdhvc4p7030nr4xxrc9n6egns2m3rspvt34gvtdckspvhr4597w16cnfzqhb4cgvh168xvjgmkfbdxajm3nwda3s8ecp%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j7qapmvpbe50gecgw9cnb5ddk2jqdvf6767g4x2ejzehwf7akq433kepytwd2an91dyrkb6pyk2qbyf2qdw8a3s15d2y7f5z74s3jfyzcmnzm2q9ydg32mn5bhpwj77vmhs824as3gcfd8tpdc5gskn3xhdbdfcxpj1h30ykhgf95j8p8a9tr0j1vf48mmvnw0tx7k3etza9a1gn31gjhtdhetdfjnsq14f5yzs4ec6z3fqryjaxsk40axk7hn9ycbjmarw4j4xxg9m440t7b97%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCi7XcOwCKZcX7N6jJmLAPjdea2AeQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEoAJP0NcqJtg55nB97JQdWA9hOfZx658I9BM70u2wKuatPeCCl73oqHIJb06E8gPpkN78w_jwiJCk6TbTFuxURvadFFk735Y2Wk8ry37wu_gpweFbfdBKj-lJ-tIIO4v0OTu9mPDxbvjTi2Y9xfZNZ91EzZsMWYOuzzUbVnoVIUWOzB7Kj_vTOYmYjm8iIy2SN5ZE8lZJ0ZOLnhW94Avz7-O-S4JAcrsJsnmcofKH-CkGLwNCfgt78QsqaBx7sERWmeAsR7aRqkTj87b5tuUm6WkwqB3B41GcZ0SU9dVxwxmN76BUUw1KjlemuLbvQA8hYhLg0vVocKaWOWpXA2gAdauO-Z4iKFGjfb57ZL6YKal3NH9r_i6di2F3Ur7hak8L7IqABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljCzsjQz6uDA_oLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1x-587HaxUC_6pOl6qHjyOystF2w%252526client%25253Dca-pub-4766656075352824%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.45.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-45-100.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 25 Dec 2023 13:28:53 GMT
via: 1.1 51f76c8cc795edfca51e07563f87887c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: MRS52-P1
age: 31950
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: SI5Fh1sR9zhQExzf0VGfSHTMQh3AN_iE3ouW7c36nrtqxAEbU6gnSw==

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 740B
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBEM92jLhx9LsRT_OVRLGrA&google_cver=1&google_push=AXcoOmTbEHgcUBOq25Ui1a8Cb7uuMRFhKrsF1kqAGHCdF0lucm01JarADouVOO7grO-KWKoFXyB90wOAE6ZmKSrPs67z5VuBbFbB20BV
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTEwOTIwODkyNzExNjc1MzM3Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBEM92jLhx9LsRT_OVRLGrA&google_cver=1

43 B
398 B

83ms
82ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBEM92jLhx9LsRT_OVRLGrA&google_cver=1
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBEM92jLhx9LsRT_OVRLGrA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 740B
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEN9PCHSOe1UMP1VyZzvj4qs&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEN9PCHSOe1UMP1VyZzvj4qs&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S21iY25sOGQxUmhUanU1&google_gid=CAESEN9PCHSOe1UMP1VyZzvj4qs&google_cver=1&google_push=AXcoOmRKuGvYO00hBhqBAsAxBl3GB8wAUe0_PWVKee_kiKT...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S21iY25sOGQxUmhUanU1&google_gid=CAESEN9PCHSOe1UMP1VyZzvj4qs&google_cver=1&google_push=AXcoOmRKuGvYO00hBhqBAsAxBl3GB8wAUe0_PWVKee_kiKT4Kb2IJqXoojyZYRBBt1iRKH2HAhDqsLaTNlBI8jKQI7z3bNx6ClK9pko

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 25 Dec 2023 22:20:44 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S21iY25sOGQxUmhUanU1&google_gid=CAESEN9PCHSOe1UMP1VyZzvj4qs&google_cver=1&google_push=AXcoOmRKuGvYO00hBhqBAsAxBl3GB8wAUe0_PWVKee_kiKT4Kb2IJqXoojyZYRBBt1iRKH2HAhDqsLaTNlBI8jKQI7z3bNx6ClK9pko
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 740B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WllvQVBBQUpxQUp4N0FCZA==&google_gid=CAESEFY_K31LKJrGIx_HEoJ2jIQ&google_cver=1&google_push=AXcoOmSQ2TeGjlJC9p1E2_Vn_OHlxhtZFp...

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WllvQVBBQUpxQUp4N0FCZA==&google_gid=CAESEFY_K31LKJrGIx_HEoJ2jIQ&google_cver=1&google_push=AXcoOmSQ2TeGjlJC9p1E2_Vn_OHlxhtZFp7QQekNs1x0g4uZ_Xry2WP7kPRQbpSHr4rmD4p52ZmFxo4xiZvfnclzcirKyMgndBSK5-X5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-cph2320056-CPH
pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1703542845.797178,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WllvQVBBQUpxQUp4N0FCZA==&google_gid=CAESEFY_K31LKJrGIx_HEoJ2jIQ&google_cver=1&google_push=AXcoOmSQ2TeGjlJC9p1E2_Vn_OHlxhtZFp7QQekNs1x0g4uZ_Xry2WP7kPRQbpSHr4rmD4p52ZmFxo4xiZvfnclzcirKyMgndBSK5-X5
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 740B
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEBUpJaF_xmaV7v_vcLsoS7U&google_cver=1&google_push=AXcoOmQzeA4aS7EFHDMh1Ay1o2e38bAheCbp4U6Dn8L6KxOQcdxwrBB0-_KXyIe38RgL7J9D_7oQSDaRb8K76NfzpEvaPpWSmBPNF4o0
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01F855ECA5EA4A1297B4233D9DAB710C&google_push=AXcoOmQzeA4aS7EFHDMh1Ay1o2e38bAheCbp4U6Dn8L6KxOQcdxwrBB0-_KXyIe38RgL7J9D_7oQSDaRb8K76Nf...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01F855ECA5EA4A1297B4233D9DAB710C&google_push=AXcoOmQzeA4aS7EFHDMh1Ay1o2e38bAheCbp4U6Dn8L6KxOQcdxwrBB0-_KXyIe38RgL7J9D_7oQSDaRb8K76NfzpEvaPpWSmBPNF4o0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Dec 2023 22:20:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01F855ECA5EA4A1297B4233D9DAB710C&google_push=AXcoOmQzeA4aS7EFHDMh1Ay1o2e38bAheCbp4U6Dn8L6KxOQcdxwrBB0-_KXyIe38RgL7J9D_7oQSDaRb8K76NfzpEvaPpWSmBPNF4o0
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 24 Dec 2023 22:20:44 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 740B
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEEaBp_O4_c5JF6Jscn7iq0c&google_cver=1&google_push=AXcoOmSGRUSY6LRrruhZZ4vrDXDHXaKC1Rugz-yjbKQ55s22lNg2N-4j5-cE8wv1-G8W7AfPWhJcQgEXxYH8P93m2PD09cdY8RQdB0n1
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSGRUSY6LRrruhZZ4vrDXDHXaKC1Rugz-yjbKQ55s22lNg2N-4j5-cE8wv1-G8W7AfPWhJcQgEXxYH8P93m2PD09cdY8RQdB0n1&google_hm=Q0FFU0VFYUJwX080X...

170 B
188 B

33ms
32ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSGRUSY6LRrruhZZ4vrDXDHXaKC1Rugz-yjbKQ55s22lNg2N-4j5-cE8wv1-G8W7AfPWhJcQgEXxYH8P93m2PD09cdY8RQdB0n1&google_hm=Q0FFU0VFYUJwX080X2M1SkY2SnNjbjdpcTBj

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 25 Dec 2023 22:20:44 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSGRUSY6LRrruhZZ4vrDXDHXaKC1Rugz-yjbKQ55s22lNg2N-4j5-cE8wv1-G8W7AfPWhJcQgEXxYH8P93m2PD09cdY8RQdB0n1&google_hm=Q0FFU0VFYUJwX080X2M1SkY2SnNjbjdpcTBj
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 740B
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJHkwEHbclELEl1MTDeIhfg&google_cver=1&google_push=AXcoOmTMWpe09cEYkTUVESseNWjeivkPAfFP0wx0kQWDLg9SDmPu6pzKEt8_lc7Y9zc2LZRn5sT8dOcM...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzExODExNzMwMzM0MjgzMDU2NQ&google_push=AXcoOmTMWpe09cEYkTUVESseNWjeivkPAfFP0wx0kQWDLg9SDmPu6pzKEt8_lc7Y9zc2LZRn5sT8dO...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzExODExNzMwMzM0MjgzMDU2NQ&google_push=AXcoOmTMWpe09cEYkTUVESseNWjeivkPAfFP0wx0kQWDLg9SDmPu6pzKEt8_lc7Y9zc2LZRn5sT8dOcMhVJR_6F4lE_-rVxqG_4FHec

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzExODExNzMwMzM0MjgzMDU2NQ&google_push=AXcoOmTMWpe09cEYkTUVESseNWjeivkPAfFP0wx0kQWDLg9SDmPu6pzKEt8_lc7Y9zc2LZRn5sT8dOcMhVJR_6F4lE_-rVxqG_4FHec
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame 740B
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHiiRiYvbqNQ...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTM6u5enFeGBcxaSDKrl86evUcIbA7hBIPoF9I13wmhtkX7XHROaxgcp2oxQ39UzoBr1IE-IxCOMR2W1UNz64vX90Lmg58T8nQc
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

55ms
54ms

Image
image/gif

2.19.245.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Server: 2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 22:20:44 GMT
pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 740B 0
12 B 30ms
30ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I_AVwrIJIIoNkBoZxEl8uKiT6CNwu1_yavtVSTm9-7PrsjinDFcAlJZeqEZYsjo8DRwZjk6w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 9B19 115 KB
14 KB 36ms
35ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gwcr6yx0q1xerbgnsyp1twbe0kjg5p7519jnx12j06frmmkhcm27ewy854xnqp4x3eaykhzgggcnyja02wxtp0gcdedh1w836cpe6pqx3x5q72wqd15fthksz5ks383na938x6wz03bbm6mvr956vtjgcp24rd461q9rf721d8kkp1a6xr5622b0ws32qw5a2x7kpeaadz91s043ae3c373xj1ypgw90cyfnnp67496z5nk3r8ske5d1c8bhhqd17fjgdty98mdkn09hn0k783ka28414n9rwf8d30w5t07em4c8x3gm1x2sk8vdmj9x6s970pbazrqa5qqm5nx6tsta9sfrzpnt2dh9rq13kh99hk8g3m33sjtx9wxc7pban2gkdkbs5mwxvvm94wscj196dm0e7awwezh9c73g9vk9q9jjvd8sz4hp2fmcj22cdr3k0e9wg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJfYPOwCKZZahOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0PeFROxOycK6Lmg_9VNKzI37mkkFnPw5tkewQEqCTQB5-yOt_KniiqJUPQZQKHNkCw_xiMre7MYeDTVgTviyGvfhGj0GqeAWCJ5PhftflEDoaxIo4sK6wmUXsJb-HXxXSQw-ozGRHi-iE4MGgWg4BdZLsdAXvahCSA_EnUAL-LROdBSrU5pmNuev0Bq1NvnAtFTXX9Z1OirN_I_aNmAxYlmATtCXluw_SwLBr0_tfSnjyWxl5iZ5p-UU-7Cmtdw-NgaXHfjFtBk3PPPCQuQ6JSC6yx0DvIWfsbVUDqkmK0aWf7dYmTRZIwXZV3KE3DOABSdgB042HvDdqn6ZYobLvKCLcC6feZEf3FOlAvYnFNisvBc7670RbY2ABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3O8J_IwTbI3GueqlCiVCuHUfW8aQ%26client%3Dca-pub-4766656075352824%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gwcr6yx0q1xerbgnsyp1twbe0kjg5p7519jnx12j06frmmkhcm27ewy854xnqp4x3eaykhzgggcnyja02wxtp0gcdedh1w836cpe6pqx3x5q72wqd15fthksz5ks383na938x6wz03bbm6mvr956vtjgcp24rd461q9rf721d8kkp1a6xr5622b0ws32qw5a2x7kpeaadz91s043ae3c373xj1ypgw90cyfnnp67496z5nk3r8ske5d1c8bhhqd17fjgdty98mdkn09hn0k783ka28414n9rwf8d30w5t07em4c8x3gm1x2sk8vdmj9x6s970pbazrqa5qqm5nx6tsta9sfrzpnt2dh9rq13kh99hk8g3m33sjtx9wxc7pban2gkdkbs5mwxvvm94wscj196dm0e7awwezh9c73g9vk9q9jjvd8sz4hp2fmcj22cdr3k0e9wg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJfYPOwCKZZahOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0PeFROxOycK6Lmg_9VNKzI37mkkFnPw5tkewQEqCTQB5-yOt_KniiqJUPQZQKHNkCw_xiMre7MYeDTVgTviyGvfhGj0GqeAWCJ5PhftflEDoaxIo4sK6wmUXsJb-HXxXSQw-ozGRHi-iE4MGgWg4BdZLsdAXvahCSA_EnUAL-LROdBSrU5pmNuev0Bq1NvnAtFTXX9Z1OirN_I_aNmAxYlmATtCXluw_SwLBr0_tfSnjyWxl5iZ5p-UU-7Cmtdw-NgaXHfjFtBk3PPPCQuQ6JSC6yx0DvIWfsbVUDqkmK0aWf7dYmTRZIwXZV3KE3DOABSdgB042HvDdqn6ZYobLvKCLcC6feZEf3FOlAvYnFNisvBc7670RbY2ABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3O8J_IwTbI3GueqlCiVCuHUfW8aQ%26client%3Dca-pub-4766656075352824%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2313042
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZlEjWAvlgnMxzK3WWgx55Z3nr64dCvfZLY41vdS%2BlkatO7C01XwfiOmUvI6N7%2FTQEtmAq9B1jo3o5gejSIVvwVmt1ze%2BqeLCGiDD%2BrcTP8xca9n%2BX35rCf0lq4lWXNfSsIQxXO6VWA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 83b4791c0e156ab8-FRA
expires: Tue, 26 Dec 2023 22:20:44 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 9B19 24 KB
10 KB 34ms
34ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gwcr6yx0q1xerbgnsyp1twbe0kjg5p7519jnx12j06frmmkhcm27ewy854xnqp4x3eaykhzgggcnyja02wxtp0gcdedh1w836cpe6pqx3x5q72wqd15fthksz5ks383na938x6wz03bbm6mvr956vtjgcp24rd461q9rf721d8kkp1a6xr5622b0ws32qw5a2x7kpeaadz91s043ae3c373xj1ypgw90cyfnnp67496z5nk3r8ske5d1c8bhhqd17fjgdty98mdkn09hn0k783ka28414n9rwf8d30w5t07em4c8x3gm1x2sk8vdmj9x6s970pbazrqa5qqm5nx6tsta9sfrzpnt2dh9rq13kh99hk8g3m33sjtx9wxc7pban2gkdkbs5mwxvvm94wscj196dm0e7awwezh9c73g9vk9q9jjvd8sz4hp2fmcj22cdr3k0e9wg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJfYPOwCKZZahOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0PeFROxOycK6Lmg_9VNKzI37mkkFnPw5tkewQEqCTQB5-yOt_KniiqJUPQZQKHNkCw_xiMre7MYeDTVgTviyGvfhGj0GqeAWCJ5PhftflEDoaxIo4sK6wmUXsJb-HXxXSQw-ozGRHi-iE4MGgWg4BdZLsdAXvahCSA_EnUAL-LROdBSrU5pmNuev0Bq1NvnAtFTXX9Z1OirN_I_aNmAxYlmATtCXluw_SwLBr0_tfSnjyWxl5iZ5p-UU-7Cmtdw-NgaXHfjFtBk3PPPCQuQ6JSC6yx0DvIWfsbVUDqkmK0aWf7dYmTRZIwXZV3KE3DOABSdgB042HvDdqn6ZYobLvKCLcC6feZEf3FOlAvYnFNisvBc7670RbY2ABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3O8J_IwTbI3GueqlCiVCuHUfW8aQ%26client%3Dca-pub-4766656075352824%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 479154
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2B2t%2BBnvQKoclNeqJC3yLsFS6bvaPDRoh77llpRZ4S437HQ6G4Kw5OY2b%2BH%2BCQqHf6BM88VBMbTqJ%2FH9x%2BECEHMvrAzewGjQnsit1OAK67WBz4iqc2lq36KfOYc%2ByyhXBbGW5gQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 83b4791c0e176ab8-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:16:49 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame C5DA
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBEM92jLhx9LsRT_OVRLGrA&google_cver=1&google_push=AXcoOmTLzgstOjRgcJs4AWIU33JW5SFz68g1-gqTDvIIGfSDlCznFITRpT8a9_KwrCx1vTvR0JOT5PyUTUfyShV4ZwYWgiQQru31eQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTEwOTIwODkyNzExNjc1MzM3Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBEM92jLhx9LsRT_OVRLGrA&google_cver=1

43 B
398 B

81ms
81ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBEM92jLhx9LsRT_OVRLGrA&google_cver=1
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBEM92jLhx9LsRT_OVRLGrA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C5DA
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFF-TY7mLcy5lJX-T5eJgaw&google_cver=1&google_push=AXcoOmT4qSRtMwf-f7hMoYLwE6XeOWOqOilRoto-6us6vyC9IV-2_jefjJ...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmT4qSRtMwf-f7hMoYLwE6XeOWOqOilRoto-6us6vyC9IV-2_jefjJqbQRdC4mJzPLAZoIsV-HVQ_AMowF6-wmIfRrl3zLMe9w&google_hm=mWC1TRrUov...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmT4qSRtMwf-f7hMoYLwE6XeOWOqOilRoto-6us6vyC9IV-2_jefjJqbQRdC4mJzPLAZoIsV-HVQ_AMowF6-wmIfRrl3zLMe9w&google_hm=mWC1TRrUovBb61Ah3Y6-dg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmT4qSRtMwf-f7hMoYLwE6XeOWOqOilRoto-6us6vyC9IV-2_jefjJqbQRdC4mJzPLAZoIsV-HVQ_AMowF6-wmIfRrl3zLMe9w&google_hm=mWC1TRrUovBb61Ah3Y6-dg
pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame C5DA 0
103 B 39ms
38ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJU-Ee7rd44JYdV9_IbNFnU&google_cver=1&google_push=AXcoOmRTZtH9KGKzv3kv5SEaDdgjkbrBQeqrhnrMmMppIHEVsQQ-fNikAJGk1o37pc0hVnqCNy5TidcFr8d-XZ_RzceuY63bg0z7c5M
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame C5DA 0
172 B 91ms
35ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEOPNL9AqbbSd_eH3TL69MVw&google_cver=1&google_push=AXcoOmSatsl2r2jHwamE2glHLOrxyIlWdMR99OAjRQMkG4ZxFfnajekVMMvjrWSPukLCK7beDPJlG7vVQupI5vUPVMMyNAcbiNkUydM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sync
x.bidswitch.net/ Frame C5DA 43 B
145 B 23ms
23ms Image
image/gif 3.122.189.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIuQ-l9YOSXwuiBYLkfN6yc&google_cver=1&google_push=AXcoOmRPU_C9IvQgKjTzcrEZMc5eAfHDWvzZKizJppRH5E4YsxQLNmYFTAwnGVe4wSoB6tNY5zc_wlB9ibmwaqP2WT0V3GUW4cwOvF0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.189.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-189-67.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame C5DA 43 B
362 B 30ms
29ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS26hr1jCxpbi7ol8f3sQWEcgeGVkL-U89w5Qnj1I_uYOSB41-H4j-EtbRYim1xe3CNn4E3GBM_THPlNkow4WqIXG2wthvD4g&google_gid=CAESECxdZ3pcbjbguYRNpwis2Fk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 235090
expires: Mon, 25 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C5DA
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJHkwEHbclELEl1MTDeIhfg&google_cver=1&google_push=AXcoOmT5euFnfFtwd_-RCBaMQJ25YrHhOiisTpRQmm5_UynL2LjQDuYAHa5uf8UGTVyxQF-El0NSXm00...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzExODExNzMwMzM0MjgzMDU2NQ&google_push=AXcoOmT5euFnfFtwd_-RCBaMQJ25YrHhOiisTpRQmm5_UynL2LjQDuYAHa5uf8UGTVyxQF-El0NSXm...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzExODExNzMwMzM0MjgzMDU2NQ&google_push=AXcoOmT5euFnfFtwd_-RCBaMQJ25YrHhOiisTpRQmm5_UynL2LjQDuYAHa5uf8UGTVyxQF-El0NSXm00DHuPMTVJS3CT5nixNv1ACw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzExODExNzMwMzM0MjgzMDU2NQ&google_push=AXcoOmT5euFnfFtwd_-RCBaMQJ25YrHhOiisTpRQmm5_UynL2LjQDuYAHa5uf8UGTVyxQF-El0NSXm00DHuPMTVJS3CT5nixNv1ACw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C5DA 0
12 B 32ms
32ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JogOcEumvlceV-WWze0uRtTbckuST3jxjV1U55Erey-aZZDRpfDiNc_wzICqx8vZc2DFn4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 71C5 115 KB
14 KB 35ms
35ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g4r0eb7vebnwvddsfz11p6mdym2wfnyw5pvwd6wb2x8jj18d66edn134k5ay006gcsx2yvnzwt8y3p6g2c0aw98p3h9aw17hqz30k9q5nt995ds8aj0xqvwbnx4s34bqvgwxgkc1tym2fag57yjczsbys4cqwsen63pfm2dn85bwp623exgm2rt6em2dpz1rj4j0633ntdckbvpsf4zqsje66bthsvbtrfa3gd7m4aqhx3ptwem71e1tv3a1ntgsx1t6jv8b22eh2853rmvd6ycqcstcp89wytmc34jbdm8h6c47bwc464fnxjc4fprfhyhcfnpg7tqnj0krsj4qpg3zd55z57dhnpwsv7gva181z6s9j49ds430546srdc1c4cesezkhv9ff2ahqbw0x5serrqagr5403gjsvt2zsk80s1hxtk2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiU42OwCKZZehOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0FvycjXe_1kHWtTjnYzqJVCrL7kx4yJ1nz6rFPReUkBkYz2zeBkzLjJsWJZ5Alcq3gOhWHpRFnpBnjLbSUI_n6puaG8zbdqUwFdx6u5okiXjrpFKatyooi9ZzEBaPEYmBgxw8dAvoWl2uqmNPfDyXbswgNfDNe_qZOWW9jJbzDoNY7-FHLNAGjz3E2Zp9zB3b0u4GvxGZFQnuonsUdnL5cCs1oWGnKFuljvPUkUFSPD-qZKriQEcsJzTCOzTSutUGMadUJNSmM1qNC8N4TopYV4abgAc-u7QmqGj_R_DzkWQtg_TTLMBEbuTLJ8qAdjGxd5W7WV-kQ-Q9-8fh4tEgum0fr9r0GG5xQWrJvLy5Y80gHa4DklJhlSABujT1d-Jy93T1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_15sxHpokwjHNY7Qy8d3lcCdRcVUA%26client%3Dca-pub-4766656075352824%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g4r0eb7vebnwvddsfz11p6mdym2wfnyw5pvwd6wb2x8jj18d66edn134k5ay006gcsx2yvnzwt8y3p6g2c0aw98p3h9aw17hqz30k9q5nt995ds8aj0xqvwbnx4s34bqvgwxgkc1tym2fag57yjczsbys4cqwsen63pfm2dn85bwp623exgm2rt6em2dpz1rj4j0633ntdckbvpsf4zqsje66bthsvbtrfa3gd7m4aqhx3ptwem71e1tv3a1ntgsx1t6jv8b22eh2853rmvd6ycqcstcp89wytmc34jbdm8h6c47bwc464fnxjc4fprfhyhcfnpg7tqnj0krsj4qpg3zd55z57dhnpwsv7gva181z6s9j49ds430546srdc1c4cesezkhv9ff2ahqbw0x5serrqagr5403gjsvt2zsk80s1hxtk2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiU42OwCKZZehOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0FvycjXe_1kHWtTjnYzqJVCrL7kx4yJ1nz6rFPReUkBkYz2zeBkzLjJsWJZ5Alcq3gOhWHpRFnpBnjLbSUI_n6puaG8zbdqUwFdx6u5okiXjrpFKatyooi9ZzEBaPEYmBgxw8dAvoWl2uqmNPfDyXbswgNfDNe_qZOWW9jJbzDoNY7-FHLNAGjz3E2Zp9zB3b0u4GvxGZFQnuonsUdnL5cCs1oWGnKFuljvPUkUFSPD-qZKriQEcsJzTCOzTSutUGMadUJNSmM1qNC8N4TopYV4abgAc-u7QmqGj_R_DzkWQtg_TTLMBEbuTLJ8qAdjGxd5W7WV-kQ-Q9-8fh4tEgum0fr9r0GG5xQWrJvLy5Y80gHa4DklJhlSABujT1d-Jy93T1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_15sxHpokwjHNY7Qy8d3lcCdRcVUA%26client%3Dca-pub-4766656075352824%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2313042
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5xT0sEXA3ECNibUE3qacVNbnGXz5GILf43bghZ9WfxtO5vuscQEV1PgeA1dGd6NlFFwEO%2Bu%2FXqzapC6qK9X8We14MMIXJrLhGcjAtbgSPdyEnQD09ijvkBRyNEAhFg8PTRENs3F%2BO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 83b4791c2e386ab8-FRA
expires: Tue, 26 Dec 2023 22:20:44 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 71C5 24 KB
10 KB 37ms
37ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g4r0eb7vebnwvddsfz11p6mdym2wfnyw5pvwd6wb2x8jj18d66edn134k5ay006gcsx2yvnzwt8y3p6g2c0aw98p3h9aw17hqz30k9q5nt995ds8aj0xqvwbnx4s34bqvgwxgkc1tym2fag57yjczsbys4cqwsen63pfm2dn85bwp623exgm2rt6em2dpz1rj4j0633ntdckbvpsf4zqsje66bthsvbtrfa3gd7m4aqhx3ptwem71e1tv3a1ntgsx1t6jv8b22eh2853rmvd6ycqcstcp89wytmc34jbdm8h6c47bwc464fnxjc4fprfhyhcfnpg7tqnj0krsj4qpg3zd55z57dhnpwsv7gva181z6s9j49ds430546srdc1c4cesezkhv9ff2ahqbw0x5serrqagr5403gjsvt2zsk80s1hxtk2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiU42OwCKZZehOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0FvycjXe_1kHWtTjnYzqJVCrL7kx4yJ1nz6rFPReUkBkYz2zeBkzLjJsWJZ5Alcq3gOhWHpRFnpBnjLbSUI_n6puaG8zbdqUwFdx6u5okiXjrpFKatyooi9ZzEBaPEYmBgxw8dAvoWl2uqmNPfDyXbswgNfDNe_qZOWW9jJbzDoNY7-FHLNAGjz3E2Zp9zB3b0u4GvxGZFQnuonsUdnL5cCs1oWGnKFuljvPUkUFSPD-qZKriQEcsJzTCOzTSutUGMadUJNSmM1qNC8N4TopYV4abgAc-u7QmqGj_R_DzkWQtg_TTLMBEbuTLJ8qAdjGxd5W7WV-kQ-Q9-8fh4tEgum0fr9r0GG5xQWrJvLy5Y80gHa4DklJhlSABujT1d-Jy93T1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_15sxHpokwjHNY7Qy8d3lcCdRcVUA%26client%3Dca-pub-4766656075352824%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 479154
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkUM5Rl51cgm%2BKNhb46ves14%2B3qxtaL3KO6U1RhcY9oteZOxug379yMNckDye0%2FBlfS8pWExAIMIifErqhLHrYQBpw0x68iulvzFFsYD4pJEcoZBvlU1ls%2BqQ1%2BXJXnJjxbJuTk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 83b4791c2e3b6ab8-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:16:49 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame BC0E 2 KB
1 KB 35ms
34ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2227931
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 83b4791c5e6b6ab8-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Mon, 25 Dec 2023 22:20:44 GMT
expires: Thu, 30 Nov 2023 03:29:52 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6J9BfjFoadCApkijQNiXhZ43zbi4PPtIBpNhq%2Bzh27Xk3elH1gEbiBa6BSg9OhrydVsdHz1xKE5t6syApXvmwKbvcRHFBI5zSAXMNvipX0LGyqFaWm7ODiz078LcJKPgFZUeQM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 487F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b982c40a025ecf28347040b2cc9a3898e5952332ea57a5166e6ef5aa10a7d28b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 9B19 350 B
920 B 32ms
32ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2215465
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWrVpLpjKU8tdFVfE1Ec1MxP3g9Nobie98Vpl%2BqMWhvl%2FNeZbt1xmi%2B9EJqoIIKo7VV5VS6D%2FxJYyE7CQI7OYxi3j16YOEPFpUrqAsaqI8EKbrN%2BYImax27%2Bm4%2BoxUL04Vsy%2FFPEN%2F7VhpPesnlS0uT7"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791c59478fca-FRA
expires: Fri, 29 Nov 2024 06:56:19 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 487F 0
19 B 65ms
65ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWHhAOwCKZZahOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoElwJP0PeFROxOycK6Lmg_9VNKzI37mkkFnPw5tkewQEqCTQB5-yOt_KniiqJUPQZQKHNkCw_xiMre7MYeDTVgTviyGvfhGj0GqeAWCJ5PhftflEDoaxIo4sK6wmUXsJb-HXxXSQw-ozGRHi-iE4MGgWg4BdZLsdAXvahCSA_EnUAL-LROdBSrU5pmNuev0Bq1NvnAtFTXX9Z1OirN_I_aNmAxYlmATtCXluw_SwLBr0_tfSnjyWxl5iZ5p-UU-7Cmtdw-NgaXHfjFtBk3PPPCQuQ6JSC6yx0DvIWfsbVUDqkmK0aWf7dYmTRZIwXZV3KE3DOARyVBlZnPmbAVLTYPuM9ZTpmfeoOVV4nCXJHskA6zCvS0acukq3WABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDc2NjY1NjA3NTM1MjgyNBgA&sigh=Qba4IlA4XxI&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_julhuBkrq1LokXS2LVlEl5wBbJneWFalR7mmqDbPA_anXYVjwb8H35zYITExvdPeshyN0DQlQBgB&cbvp=2&vis=1

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Dec 2023 22:20:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 487F 0
39 B 33ms
33ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jx64w0s0txgmcbz6akszhpzmk9zcyx0j0ezqf8cc2x5n23cy30a6346dr4a09vkvpq9q5h07c9zxwy2va36k8gdg26w1eksp81506ejp66adqm19xmz2c57nmwr26yp90z7gd5ktjqwsekz71w80cykwsqx89ktkmmjxgx265m6q6s54gdkmegsv87dhe1c6d9rdcs3kax74f9f7c126hj93zjtp149perahz1j3nng0tcn8330482yh6cv3nh0vpvdwj4xgs456d60be2yrz14fnyn7nb6yr3gz7jc73fqgcr7n83nyjs311svss6stj88ek8qgn0tf0t4bdkknbkc94dzpmdt8kr25wyshm0bdgcqc5wwnfn6nrgzsseet2mrts14fw8nsag&b=ZYoAOwAOEJYABjucAAtsZ2Zw30rSDCLLxskCSg&cbvp=2
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 25 Dec 2023 22:20:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame B691 2 KB
1 KB 33ms
33ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2227931
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 83b4791c8e986ab8-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Mon, 25 Dec 2023 22:20:44 GMT
expires: Thu, 30 Nov 2023 03:29:52 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BDlr7zw0gIQVXwaI8h7NYBwfS03zf%2FtdDozv0Q62KPwGMUb6SLZ5CvfivuekYMOXFEyN9KkH08OBsHzebGZLBX6lbEZjoANA9G2q5M%2B0bEZFzgxkyXqKSeyKmYjIcT69IgZ%2FTQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 6C9B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16ee41a73f4ff0d1318b2e9ae929b4d52d67b0affbe85759bab7e3f8d3a37f9f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 71C5 350 B
879 B 32ms
31ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2215465
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVhf7exJiyU7QY%2B5RJEzxMz1w8K6CsvChw9hbzhgvjY96YdKb%2FKUVH7Lc%2FRL6xYMPnYMLhhGS7JxzFL0Ns63jlTT608JLuedfTvwLDEgtXkr3uWPCLd7eOS%2FqSRitDi3aK8gKs0KCZxEsklIopqbLUxQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791c89678fca-FRA
expires: Fri, 29 Nov 2024 06:56:19 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6C9B 0
19 B 68ms
65ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsgkmOwCKZZehOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoElwJP0FvycjXe_1kHWtTjnYzqJVCrL7kx4yJ1nz6rFPReUkBkYz2zeBkzLjJsWJZ5Alcq3gOhWHpRFnpBnjLbSUI_n6puaG8zbdqUwFdx6u5okiXjrpFKatyooi9ZzEBaPEYmBgxw8dAvoWl2uqmNPfDyXbswgNfDNe_qZOWW9jJbzDoNY7-FHLNAGjz3E2Zp9zB3b0u4GvxGZFQnuonsUdnL5cCs1oWGnKFuljvPUkUFSPD-qZKriQEcsJzTCOzTSutUGMadUJNSmM1qNC8N4TopYV4abgAc-u7QmqGj_R_DzkWQtg_TTLMBEbuTLJ8qAdjGh9x3f7KHFk9YcKeJXcLWcNCgdBJh_nlkRcfitApm-6MsVaonToGABujT1d-Jy93T1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDc2NjY1NjA3NTM1MjgyNBgA&sigh=yawFOUU87qY&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_julhuBkrq1LokXS2LVlEl5wBbJneWFalR7mmqDbPA_anXYVjwb8H35zYITExvdPeshyN0DQlQBgB&cbvp=2&vis=1

Requested by

Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Dec 2023 22:20:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 6C9B 0
39 B 36ms
33ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hhxa3nwgam4x1f76sa8a2yf1eh7tcbkj9y5d590ypv26y8h4aqst5h28mg7x5pepaw7rvqyb0g2c8h95ra4jsgfgg4d3ksjr8kd1akkdbjawa97w1hb2ms96dkqg8xpb4znav23x224001a906a64q8n1wv78mqvqa3btkqvyk2n1w9xzhcd9r768cr3mq27j9yft3ysbmk7n7mh4max9x3qb1q2b2h311gqjtb0gk33brevvpc1989q5r9krg0p9saypkwyq0ka99tv6j4njy52xf1a971j913yswbst5z01y0vs4amp0wn7pakb33mdd0zyjxyjzh7whz3cst9mxrby6v9xy75c57wr936xq5gpyeq1y15je9682tqefqxb1qk00k5w&b=ZYoAOwAOEJcABjucAAtsZ3UL42ZY3TBS6aASvw&cbvp=2
Requested by: Host: www.paranaturismo.com.br
URL: https://www.paranaturismo.com.br/lunardelli/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 25 Dec 2023 22:20:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 49ms
49ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83b4791cafce1b93-FRA
content-length: 24
content-type: text/plain
date: Mon, 25 Dec 2023 22:20:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AujFAzs92%2FZdGL0WdFavSfuN90fd87bXgC7UOPqAPHBQV7f0H9P8OoiLqC3B%2FIfTf%2BWL8rx6DiDH9xKtAyuAte4UENbcDVnyQoGxEm6U5rJVhYzVhBGao1XXcS9hSDTs5aadIbc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-8f05

POST
H3 200 rs Show response
ad4m.at/ Frame 9B19 2 KB
2 KB 60ms
59ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63a67a320a8fbc668f495c3fc1e78db9fd8c3c8f595671f8dfd1cd77d7e9301c

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hP5h5Vc7ihSaV623uEWCidW%2Fc%2B5CP51PhrkSKV4fbXXwI90Km4XimnvR1BJ%2FbXQIYV60Yp%2BcHYMI80VYtv09vNjeDbVq%2FVXHOFWPOG1q9Ge1AWAB7yuNl1j%2B4yjQGvDRUh4D8dQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 83b4791cf81f1b93-FRA
x-backend-server: aa-reachservice-group-europe-west1-8f05
alt-svc: h3=":443"; ma=86400

POST
H3 200 rs Show response
ad4m.at/ Frame 71C5 2 KB
2 KB 52ms
52ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a563273d0f82d894386af17aae8124f2e3131c9bae528eb62d7e287099b70451

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Dec 2023 22:20:44 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GjzksJUF%2BzmgCrqU6FcjWUxVdDbSKfuTgdfSwE9RNq0UihHzanIlNx1%2FYGrs3rdAFzU1XP2sgQ%2B3h2i9q1ciMYVGAHS5Lhb1H2lBHEZXBa5Y7%2FSw62c2H83lCOovdhJE4ziKQsw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 83b4791d08301b93-FRA
x-backend-server: aa-reachservice-group-europe-west1-8f05
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 43ms
43ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83b4791ccff71b93-FRA
content-length: 24
content-type: text/plain
date: Mon, 25 Dec 2023 22:20:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsTrzFzIiaAjL2yZFjjGgjnajNjVUuiI28GWD0JSk%2Frs0Et%2B2zugwt2XTrdmP%2BzP9Hbr1qACJTBEQUHUxJyv5E0AyLE0sI9TDBJJeQ7MdbMyVG7rDZuz%2F1j0trQTlrGa7e1MwwA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-8f05

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 0B2F 9 KB
4 KB 50ms
50ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=29002%2C12798%2C685&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2C13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2CwAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM&c=160&d=600&e=&g=ad49ec425c77567d218294f6c6deb45b%2F12333126316468682968&i=25052%2C20363%2C17908&j=16%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpy3qjbwa1c9saak788yr6zxv5htqmja5m60wdjwpb35karbkm59dsj3g5q8vm596xxhr59zbyt937basgbwrvb3fgrvgnmxe0s6p4b6rasn7hxcng76q97pyqezbvdasas5kck4xjjjzt70jg74441d3yzwnpkrjxdvr115wbwry9brcwya94mctjyzspreq27tpp02vw4hpzrb54395v9ce5ekm8zm44yghpjaxg7r5rb5ph5g7fp1mkep4jtwkk5ed3ckncd54nasn2xx8vk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJfYPOwCKZZahOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0PeFROxOycK6Lmg_9VNKzI37mkkFnPw5tkewQEqCTQB5-yOt_KniiqJUPQZQKHNkCw_xiMre7MYeDTVgTviyGvfhGj0GqeAWCJ5PhftflEDoaxIo4sK6wmUXsJb-HXxXSQw-ozGRHi-iE4MGgWg4BdZLsdAXvahCSA_EnUAL-LROdBSrU5pmNuev0Bq1NvnAtFTXX9Z1OirN_I_aNmAxYlmATtCXluw_SwLBr0_tfSnjyWxl5iZ5p-UU-7Cmtdw-NgaXHfjFtBk3PPPCQuQ6JSC6yx0DvIWfsbVUDqkmK0aWf7dYmTRZIwXZV3KE3DOABSdgB042HvDdqn6ZYobLvKCLcC6feZEf3FOlAvYnFNisvBc7670RbY2ABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3O8J_IwTbI3GueqlCiVCuHUfW8aQ%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a07e75d0df05fe29a0dc5f66f44336dac210789b6d94593f2f6e20b62e7e3119

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gwcr6yx0q1xerbgnsyp1twbe0kjg5p7519jnx12j06frmmkhcm27ewy854xnqp4x3eaykhzgggcnyja02wxtp0gcdedh1w836cpe6pqx3x5q72wqd15fthksz5ks383na938x6wz03bbm6mvr956vtjgcp24rd461q9rf721d8kkp1a6xr5622b0ws32qw5a2x7kpeaadz91s043ae3c373xj1ypgw90cyfnnp67496z5nk3r8ske5d1c8bhhqd17fjgdty98mdkn09hn0k783ka28414n9rwf8d30w5t07em4c8x3gm1x2sk8vdmj9x6s970pbazrqa5qqm5nx6tsta9sfrzpnt2dh9rq13kh99hk8g3m33sjtx9wxc7pban2gkdkbs5mwxvvm94wscj196dm0e7awwezh9c73g9vk9q9jjvd8sz4hp2fmcj22cdr3k0e9wg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJfYPOwCKZZahOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0PeFROxOycK6Lmg_9VNKzI37mkkFnPw5tkewQEqCTQB5-yOt_KniiqJUPQZQKHNkCw_xiMre7MYeDTVgTviyGvfhGj0GqeAWCJ5PhftflEDoaxIo4sK6wmUXsJb-HXxXSQw-ozGRHi-iE4MGgWg4BdZLsdAXvahCSA_EnUAL-LROdBSrU5pmNuev0Bq1NvnAtFTXX9Z1OirN_I_aNmAxYlmATtCXluw_SwLBr0_tfSnjyWxl5iZ5p-UU-7Cmtdw-NgaXHfjFtBk3PPPCQuQ6JSC6yx0DvIWfsbVUDqkmK0aWf7dYmTRZIwXZV3KE3DOABSdgB042HvDdqn6ZYobLvKCLcC6feZEf3FOlAvYnFNisvBc7670RbY2ABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3O8J_IwTbI3GueqlCiVCuHUfW8aQ%26client%3Dca-pub-4766656075352824%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83b4791d5f736ab8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:20:45 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 463E 9 KB
4 KB 50ms
50ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=fd6a778f4513854fe340d159e26cabb6%2F3458388430406827594&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1703542844976&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhd3rxctb8rajr4zmw4ag16y2eymeyqhvgyhcc2jtnhpnc216901vyvh4sr3wrdjmr89s9bj2024nbk7jtfeemt1bz2k5t9y3mbnq25zczf42gv10c6ef6709mraby08hbkst6hyec3eemmnpnt8bkv14cgfkaxm4dw7z450j1pqh72bg1verg3pw87nzt3a808vjs76sfmeq44497vacyrg5ytn3qcx2csbgve847264hbvqb8nc0zyvzkvnz70n59cmrj8xc019k2angg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiU42OwCKZZehOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0FvycjXe_1kHWtTjnYzqJVCrL7kx4yJ1nz6rFPReUkBkYz2zeBkzLjJsWJZ5Alcq3gOhWHpRFnpBnjLbSUI_n6puaG8zbdqUwFdx6u5okiXjrpFKatyooi9ZzEBaPEYmBgxw8dAvoWl2uqmNPfDyXbswgNfDNe_qZOWW9jJbzDoNY7-FHLNAGjz3E2Zp9zB3b0u4GvxGZFQnuonsUdnL5cCs1oWGnKFuljvPUkUFSPD-qZKriQEcsJzTCOzTSutUGMadUJNSmM1qNC8N4TopYV4abgAc-u7QmqGj_R_DzkWQtg_TTLMBEbuTLJ8qAdjGxd5W7WV-kQ-Q9-8fh4tEgum0fr9r0GG5xQWrJvLy5Y80gHa4DklJhlSABujT1d-Jy93T1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15sxHpokwjHNY7Qy8d3lcCdRcVUA%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

964c7e045b37a35d13a756fc8cb33f07083738d1487b637e6af39681b232f17e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1g4r0eb7vebnwvddsfz11p6mdym2wfnyw5pvwd6wb2x8jj18d66edn134k5ay006gcsx2yvnzwt8y3p6g2c0aw98p3h9aw17hqz30k9q5nt995ds8aj0xqvwbnx4s34bqvgwxgkc1tym2fag57yjczsbys4cqwsen63pfm2dn85bwp623exgm2rt6em2dpz1rj4j0633ntdckbvpsf4zqsje66bthsvbtrfa3gd7m4aqhx3ptwem71e1tv3a1ntgsx1t6jv8b22eh2853rmvd6ycqcstcp89wytmc34jbdm8h6c47bwc464fnxjc4fprfhyhcfnpg7tqnj0krsj4qpg3zd55z57dhnpwsv7gva181z6s9j49ds430546srdc1c4cesezkhv9ff2ahqbw0x5serrqagr5403gjsvt2zsk80s1hxtk2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiU42OwCKZZehOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0FvycjXe_1kHWtTjnYzqJVCrL7kx4yJ1nz6rFPReUkBkYz2zeBkzLjJsWJZ5Alcq3gOhWHpRFnpBnjLbSUI_n6puaG8zbdqUwFdx6u5okiXjrpFKatyooi9ZzEBaPEYmBgxw8dAvoWl2uqmNPfDyXbswgNfDNe_qZOWW9jJbzDoNY7-FHLNAGjz3E2Zp9zB3b0u4GvxGZFQnuonsUdnL5cCs1oWGnKFuljvPUkUFSPD-qZKriQEcsJzTCOzTSutUGMadUJNSmM1qNC8N4TopYV4abgAc-u7QmqGj_R_DzkWQtg_TTLMBEbuTLJ8qAdjGxd5W7WV-kQ-Q9-8fh4tEgum0fr9r0GG5xQWrJvLy5Y80gHa4DklJhlSABujT1d-Jy93T1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_15sxHpokwjHNY7Qy8d3lcCdRcVUA%26client%3Dca-pub-4766656075352824%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83b4791d6f7d6ab8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:20:45 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 0B2F 115 KB
14 KB 37ms
37ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C12798%2C685&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2C13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2CwAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM&c=160&d=600&e=&g=ad49ec425c77567d218294f6c6deb45b%2F12333126316468682968&i=25052%2C20363%2C17908&j=16%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpy3qjbwa1c9saak788yr6zxv5htqmja5m60wdjwpb35karbkm59dsj3g5q8vm596xxhr59zbyt937basgbwrvb3fgrvgnmxe0s6p4b6rasn7hxcng76q97pyqezbvdasas5kck4xjjjzt70jg74441d3yzwnpkrjxdvr115wbwry9brcwya94mctjyzspreq27tpp02vw4hpzrb54395v9ce5ekm8zm44yghpjaxg7r5rb5ph5g7fp1mkep4jtwkk5ed3ckncd54nasn2xx8vk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJfYPOwCKZZahOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0PeFROxOycK6Lmg_9VNKzI37mkkFnPw5tkewQEqCTQB5-yOt_KniiqJUPQZQKHNkCw_xiMre7MYeDTVgTviyGvfhGj0GqeAWCJ5PhftflEDoaxIo4sK6wmUXsJb-HXxXSQw-ozGRHi-iE4MGgWg4BdZLsdAXvahCSA_EnUAL-LROdBSrU5pmNuev0Bq1NvnAtFTXX9Z1OirN_I_aNmAxYlmATtCXluw_SwLBr0_tfSnjyWxl5iZ5p-UU-7Cmtdw-NgaXHfjFtBk3PPPCQuQ6JSC6yx0DvIWfsbVUDqkmK0aWf7dYmTRZIwXZV3KE3DOABSdgB042HvDdqn6ZYobLvKCLcC6feZEf3FOlAvYnFNisvBc7670RbY2ABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3O8J_IwTbI3GueqlCiVCuHUfW8aQ%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=29002%2C12798%2C685&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2C13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2CwAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM&c=160&d=600&e=&g=ad49ec425c77567d218294f6c6deb45b%2F12333126316468682968&i=25052%2C20363%2C17908&j=16%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpy3qjbwa1c9saak788yr6zxv5htqmja5m60wdjwpb35karbkm59dsj3g5q8vm596xxhr59zbyt937basgbwrvb3fgrvgnmxe0s6p4b6rasn7hxcng76q97pyqezbvdasas5kck4xjjjzt70jg74441d3yzwnpkrjxdvr115wbwry9brcwya94mctjyzspreq27tpp02vw4hpzrb54395v9ce5ekm8zm44yghpjaxg7r5rb5ph5g7fp1mkep4jtwkk5ed3ckncd54nasn2xx8vk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJfYPOwCKZZahOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0PeFROxOycK6Lmg_9VNKzI37mkkFnPw5tkewQEqCTQB5-yOt_KniiqJUPQZQKHNkCw_xiMre7MYeDTVgTviyGvfhGj0GqeAWCJ5PhftflEDoaxIo4sK6wmUXsJb-HXxXSQw-ozGRHi-iE4MGgWg4BdZLsdAXvahCSA_EnUAL-LROdBSrU5pmNuev0Bq1NvnAtFTXX9Z1OirN_I_aNmAxYlmATtCXluw_SwLBr0_tfSnjyWxl5iZ5p-UU-7Cmtdw-NgaXHfjFtBk3PPPCQuQ6JSC6yx0DvIWfsbVUDqkmK0aWf7dYmTRZIwXZV3KE3DOABSdgB042HvDdqn6ZYobLvKCLcC6feZEf3FOlAvYnFNisvBc7670RbY2ABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3O8J_IwTbI3GueqlCiVCuHUfW8aQ%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2313043
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4%2FtBd0AluGAfeXqWOPTwgOsoZIIgaN5mYPmpnJZhuT8WOcZ7aBRvuz6XMCxFqdV6CkHo7Ft1MDNOJ%2FIz28eQJYslLFuo4dlu0bA9TNiwLMoFPkx5WtbL32UoPQORrO1wPJ6GuvTNA8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 83b4791dafba6ab8-FRA
expires: Tue, 26 Dec 2023 22:20:45 GMT

GET
H3 200 7DC86BB3A0677D1A111CF2F02BF20FC822723E084233C66D05A3D22F9BFF9CBFABB3E42ACE676F78BB64730FEC16E4997CC372D96DF4EFE43050DA28B276D6EA
assets.ad4m.at/logo/ Frame 0B2F 7 KB
7 KB 59ms
59ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/7DC86BB3A0677D1A111CF2F02BF20FC822723E084233C66D05A3D22F9BFF9CBFABB3E42ACE676F78BB64730FEC16E4997CC372D96DF4EFE43050DA28B276D6EA
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C12798%2C685&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2C13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2CwAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM&c=160&d=600&e=&g=ad49ec425c77567d218294f6c6deb45b%2F12333126316468682968&i=25052%2C20363%2C17908&j=16%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpy3qjbwa1c9saak788yr6zxv5htqmja5m60wdjwpb35karbkm59dsj3g5q8vm596xxhr59zbyt937basgbwrvb3fgrvgnmxe0s6p4b6rasn7hxcng76q97pyqezbvdasas5kck4xjjjzt70jg74441d3yzwnpkrjxdvr115wbwry9brcwya94mctjyzspreq27tpp02vw4hpzrb54395v9ce5ekm8zm44yghpjaxg7r5rb5ph5g7fp1mkep4jtwkk5ed3ckncd54nasn2xx8vk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJfYPOwCKZZahOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0PeFROxOycK6Lmg_9VNKzI37mkkFnPw5tkewQEqCTQB5-yOt_KniiqJUPQZQKHNkCw_xiMre7MYeDTVgTviyGvfhGj0GqeAWCJ5PhftflEDoaxIo4sK6wmUXsJb-HXxXSQw-ozGRHi-iE4MGgWg4BdZLsdAXvahCSA_EnUAL-LROdBSrU5pmNuev0Bq1NvnAtFTXX9Z1OirN_I_aNmAxYlmATtCXluw_SwLBr0_tfSnjyWxl5iZ5p-UU-7Cmtdw-NgaXHfjFtBk3PPPCQuQ6JSC6yx0DvIWfsbVUDqkmK0aWf7dYmTRZIwXZV3KE3DOABSdgB042HvDdqn6ZYobLvKCLcC6feZEf3FOlAvYnFNisvBc7670RbY2ABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3O8J_IwTbI3GueqlCiVCuHUfW8aQ%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80e7bfe2aaa1b8be1ff5792cf190eb4b9e7d922240eea9ccc0a835b2bbde9f56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 437391
cf-polished: qual=85, origFmt=jpeg, origSize=20298
alt-svc: h3=":443"; ma=86400
content-length: 6740
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:49:29 GMT
server: cloudflare
etag: "dcdbfc63ef930c205a6c8ec70a6f5e71"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFK1GdvfKoeCvkEkckW0KBpWsser7NQqyVW3H1t%2BNfyFHqdb3UgpyuYvX2iifa6SJnqYsVkKTSuCvtqZ9Y4aKiBZocnFlh2XQ9gXB3whcxs96IUaYEKwDwaQ8RuBp4%2Bo9MOMfbPRVhFnkCKw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791dafbb6ab8-FRA

GET
H3 200 EEACCF1387D6770984DA8E61AC19B9B106EFAB433C9BC99F272CCDE7F6C5F6963A2BD7EDCA944083C5D1FA54EA7EB69DFB75D9EFC064FB7CC124FCCC8412C2AC
assets.ad4m.at/product_image/ Frame 0B2F 26 KB
27 KB 40ms
40ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EEACCF1387D6770984DA8E61AC19B9B106EFAB433C9BC99F272CCDE7F6C5F6963A2BD7EDCA944083C5D1FA54EA7EB69DFB75D9EFC064FB7CC124FCCC8412C2AC
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C12798%2C685&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2C13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2CwAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM&c=160&d=600&e=&g=ad49ec425c77567d218294f6c6deb45b%2F12333126316468682968&i=25052%2C20363%2C17908&j=16%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpy3qjbwa1c9saak788yr6zxv5htqmja5m60wdjwpb35karbkm59dsj3g5q8vm596xxhr59zbyt937basgbwrvb3fgrvgnmxe0s6p4b6rasn7hxcng76q97pyqezbvdasas5kck4xjjjzt70jg74441d3yzwnpkrjxdvr115wbwry9brcwya94mctjyzspreq27tpp02vw4hpzrb54395v9ce5ekm8zm44yghpjaxg7r5rb5ph5g7fp1mkep4jtwkk5ed3ckncd54nasn2xx8vk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJfYPOwCKZZahOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0PeFROxOycK6Lmg_9VNKzI37mkkFnPw5tkewQEqCTQB5-yOt_KniiqJUPQZQKHNkCw_xiMre7MYeDTVgTviyGvfhGj0GqeAWCJ5PhftflEDoaxIo4sK6wmUXsJb-HXxXSQw-ozGRHi-iE4MGgWg4BdZLsdAXvahCSA_EnUAL-LROdBSrU5pmNuev0Bq1NvnAtFTXX9Z1OirN_I_aNmAxYlmATtCXluw_SwLBr0_tfSnjyWxl5iZ5p-UU-7Cmtdw-NgaXHfjFtBk3PPPCQuQ6JSC6yx0DvIWfsbVUDqkmK0aWf7dYmTRZIwXZV3KE3DOABSdgB042HvDdqn6ZYobLvKCLcC6feZEf3FOlAvYnFNisvBc7670RbY2ABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3O8J_IwTbI3GueqlCiVCuHUfW8aQ%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c50cef0534fcc9f901046ad6c0dffe00209ffbe4319e019fb960a262a6b2ec71

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2389127
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 26621
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 09:09:50 GMT
server: cloudflare
etag: "0a62ebe3b3faad549be8ad7d4386119f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yZkaWtOZ9hApm7r6Sv6dVjjm83rh8exxO9y9ctkF6%2BkNhQ9NWaBP2I%2FK0FYWcLq0FJji9iWZpCW5yfwjUFmAewwlkQTHwjjJFbBfvFZKYecQ6lYzJZhrR8ujsXKuGCvu3bl5a6zztzQLvlT2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791dafbd6ab8-FRA

GET
H2

200

/
pvx.freenet-mobilfunk.de/ Frame 0B2F
Redirect Chain

https://www.awin1.com/cshow.php?s=2524318&v=11420&q=392147&r=412871&pv=1&pref3=oneidZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51poneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1703542845_d8eecfc0-a373-11ee-bd07-2236e1f32b64

43 B
1 KB

112ms
42ms

Image
image/gif

2606:4700:4400::6812:20ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1703542845_d8eecfc0-a373-11ee-bd07-2236e1f32b64

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C12798%2C685&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2C13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2CwAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM&c=160&d=600&e=&g=ad49ec425c77567d218294f6c6deb45b%2F12333126316468682968&i=25052%2C20363%2C17908&j=16%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpy3qjbwa1c9saak788yr6zxv5htqmja5m60wdjwpb35karbkm59dsj3g5q8vm596xxhr59zbyt937basgbwrvb3fgrvgnmxe0s6p4b6rasn7hxcng76q97pyqezbvdasas5kck4xjjjzt70jg74441d3yzwnpkrjxdvr115wbwry9brcwya94mctjyzspreq27tpp02vw4hpzrb54395v9ce5ekm8zm44yghpjaxg7r5rb5ph5g7fp1mkep4jtwkk5ed3ckncd54nasn2xx8vk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJfYPOwCKZZahOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0PeFROxOycK6Lmg_9VNKzI37mkkFnPw5tkewQEqCTQB5-yOt_KniiqJUPQZQKHNkCw_xiMre7MYeDTVgTviyGvfhGj0GqeAWCJ5PhftflEDoaxIo4sK6wmUXsJb-HXxXSQw-ozGRHi-iE4MGgWg4BdZLsdAXvahCSA_EnUAL-LROdBSrU5pmNuev0Bq1NvnAtFTXX9Z1OirN_I_aNmAxYlmATtCXluw_SwLBr0_tfSnjyWxl5iZ5p-UU-7Cmtdw-NgaXHfjFtBk3PPPCQuQ6JSC6yx0DvIWfsbVUDqkmK0aWf7dYmTRZIwXZV3KE3DOABSdgB042HvDdqn6ZYobLvKCLcC6feZEf3FOlAvYnFNisvBc7670RbY2ABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3O8J_IwTbI3GueqlCiVCuHUfW8aQ%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700:4400::6812:20ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:45 GMT
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/gif
p3p: CP="ALL CUR DEV PSA OUR IND STA"
cf-ray: 83b4791ec87d3605-FRA
x-xss-protection: 1; mode=block

Redirect headers

Date: Mon, 25 Dec 2023 22:20:45 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1703542845_d8eecfc0-a373-11ee-bd07-2236e1f32b64
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 CE6834AD498963D86DCF81CEFC3C8B2F207262F71B4D750782ACC1A1406885822D68122DFB2A560E5E701C233F87E8D5DDF70708DEEF423D7ACE0B4A3456D62C
assets.ad4m.at/logo/ Frame 0B2F 19 KB
20 KB 34ms
33ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE6834AD498963D86DCF81CEFC3C8B2F207262F71B4D750782ACC1A1406885822D68122DFB2A560E5E701C233F87E8D5DDF70708DEEF423D7ACE0B4A3456D62C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C12798%2C685&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2C13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2CwAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM&c=160&d=600&e=&g=ad49ec425c77567d218294f6c6deb45b%2F12333126316468682968&i=25052%2C20363%2C17908&j=16%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpy3qjbwa1c9saak788yr6zxv5htqmja5m60wdjwpb35karbkm59dsj3g5q8vm596xxhr59zbyt937basgbwrvb3fgrvgnmxe0s6p4b6rasn7hxcng76q97pyqezbvdasas5kck4xjjjzt70jg74441d3yzwnpkrjxdvr115wbwry9brcwya94mctjyzspreq27tpp02vw4hpzrb54395v9ce5ekm8zm44yghpjaxg7r5rb5ph5g7fp1mkep4jtwkk5ed3ckncd54nasn2xx8vk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJfYPOwCKZZahOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0PeFROxOycK6Lmg_9VNKzI37mkkFnPw5tkewQEqCTQB5-yOt_KniiqJUPQZQKHNkCw_xiMre7MYeDTVgTviyGvfhGj0GqeAWCJ5PhftflEDoaxIo4sK6wmUXsJb-HXxXSQw-ozGRHi-iE4MGgWg4BdZLsdAXvahCSA_EnUAL-LROdBSrU5pmNuev0Bq1NvnAtFTXX9Z1OirN_I_aNmAxYlmATtCXluw_SwLBr0_tfSnjyWxl5iZ5p-UU-7Cmtdw-NgaXHfjFtBk3PPPCQuQ6JSC6yx0DvIWfsbVUDqkmK0aWf7dYmTRZIwXZV3KE3DOABSdgB042HvDdqn6ZYobLvKCLcC6feZEf3FOlAvYnFNisvBc7670RbY2ABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3O8J_IwTbI3GueqlCiVCuHUfW8aQ%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0608f1a7ef6606a2cfffc069a4dbfac115530a028c34f41fdee74025a8e041ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 440900
cf-polished: origFmt=png, origSize=22787
alt-svc: h3=":443"; ma=86400
content-length: 19466
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 22:10:05 GMT
server: cloudflare
etag: "4b9704be0737f6ef5c79d5399f862263"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQGHD0%2FxVXRDQkVB%2FyjSea3iv%2FiINPk9qOWEcimc9im8tzhf%2F6jSvRgLON6b7gmbMGzrTLBM3T2cfW26xYsoY9kHYJBaQBn7uiiVSPFWR%2BnATCh8Npcb0gIihJTiMrIkRvTbZAGQfg0AKOsD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791dafbf6ab8-FRA

GET
H3 200 4B927AAF30F443F7A88AA5F69050293EE8D5C60E263C40829E029C16040D20F6AE81092D665019CBC0DD839F6AFB90D93F94F73A47C1002601D444B61B1C7967
assets.ad4m.at/ Frame 0B2F 26 KB
26 KB 35ms
34ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/4B927AAF30F443F7A88AA5F69050293EE8D5C60E263C40829E029C16040D20F6AE81092D665019CBC0DD839F6AFB90D93F94F73A47C1002601D444B61B1C7967
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C12798%2C685&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2C13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2CwAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM&c=160&d=600&e=&g=ad49ec425c77567d218294f6c6deb45b%2F12333126316468682968&i=25052%2C20363%2C17908&j=16%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpy3qjbwa1c9saak788yr6zxv5htqmja5m60wdjwpb35karbkm59dsj3g5q8vm596xxhr59zbyt937basgbwrvb3fgrvgnmxe0s6p4b6rasn7hxcng76q97pyqezbvdasas5kck4xjjjzt70jg74441d3yzwnpkrjxdvr115wbwry9brcwya94mctjyzspreq27tpp02vw4hpzrb54395v9ce5ekm8zm44yghpjaxg7r5rb5ph5g7fp1mkep4jtwkk5ed3ckncd54nasn2xx8vk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJfYPOwCKZZahOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0PeFROxOycK6Lmg_9VNKzI37mkkFnPw5tkewQEqCTQB5-yOt_KniiqJUPQZQKHNkCw_xiMre7MYeDTVgTviyGvfhGj0GqeAWCJ5PhftflEDoaxIo4sK6wmUXsJb-HXxXSQw-ozGRHi-iE4MGgWg4BdZLsdAXvahCSA_EnUAL-LROdBSrU5pmNuev0Bq1NvnAtFTXX9Z1OirN_I_aNmAxYlmATtCXluw_SwLBr0_tfSnjyWxl5iZ5p-UU-7Cmtdw-NgaXHfjFtBk3PPPCQuQ6JSC6yx0DvIWfsbVUDqkmK0aWf7dYmTRZIwXZV3KE3DOABSdgB042HvDdqn6ZYobLvKCLcC6feZEf3FOlAvYnFNisvBc7670RbY2ABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3O8J_IwTbI3GueqlCiVCuHUfW8aQ%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d71589839a8c599416df8aebc6c0f34d4d6e96a960731676b1e5cd5eef54fe5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2320583
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 26522
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Nov 2023 10:28:58 GMT
server: cloudflare
etag: "bef78ad6301c326a978288acaa808a05"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G7vuKjvqMFyM8DtlovKX3Z5jgmlkjXVXgyRvXQjYABYxygAPztKWk3YjOL3hI4IQJxXIOKkoynFG1Sl9fTOLSK9l4s9JuR%2F5DwmQhYPznvxqpkdov%2BQ0xIMkSiIK5k%2BqWXLhmMc4MHfYx%2FZS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791dafc06ab8-FRA

GET
H/1.1 200
OK af4ff75e9ff0f691fd8dd53e639ddaad Show response
netzwerk.uppr.de/trck/epv/ Frame 0B2F 542 B
1 KB 300ms
212ms Script
application/javascript 147.135.143.66
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://netzwerk.uppr.de/trck/epv/af4ff75e9ff0f691fd8dd53e639ddaad?subid=oneid13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7droneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C12798%2C685&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2C13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2CwAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM&c=160&d=600&e=&g=ad49ec425c77567d218294f6c6deb45b%2F12333126316468682968&i=25052%2C20363%2C17908&j=16%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpy3qjbwa1c9saak788yr6zxv5htqmja5m60wdjwpb35karbkm59dsj3g5q8vm596xxhr59zbyt937basgbwrvb3fgrvgnmxe0s6p4b6rasn7hxcng76q97pyqezbvdasas5kck4xjjjzt70jg74441d3yzwnpkrjxdvr115wbwry9brcwya94mctjyzspreq27tpp02vw4hpzrb54395v9ce5ekm8zm44yghpjaxg7r5rb5ph5g7fp1mkep4jtwkk5ed3ckncd54nasn2xx8vk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJfYPOwCKZZahOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0PeFROxOycK6Lmg_9VNKzI37mkkFnPw5tkewQEqCTQB5-yOt_KniiqJUPQZQKHNkCw_xiMre7MYeDTVgTviyGvfhGj0GqeAWCJ5PhftflEDoaxIo4sK6wmUXsJb-HXxXSQw-ozGRHi-iE4MGgWg4BdZLsdAXvahCSA_EnUAL-LROdBSrU5pmNuev0Bq1NvnAtFTXX9Z1OirN_I_aNmAxYlmATtCXluw_SwLBr0_tfSnjyWxl5iZ5p-UU-7Cmtdw-NgaXHfjFtBk3PPPCQuQ6JSC6yx0DvIWfsbVUDqkmK0aWf7dYmTRZIwXZV3KE3DOABSdgB042HvDdqn6ZYobLvKCLcC6feZEf3FOlAvYnFNisvBc7670RbY2ABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3O8J_IwTbI3GueqlCiVCuHUfW8aQ%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.135.143.66 Montpellier, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1d5b7211274e16d866cfb3b9bbeba89585e26a7ca57e91646458f2b46cb7d23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:45 GMT
attribution-reporting-register-source: {"source_event_id":"12200505250107494","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
x-iplb-request-id: D972D783:E580_93878F42:01BB_658A003D_33E277:0D2E
x-iplb-instance: 54144
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
x-https-header: 1
content-length: 542

GET
H3 200 79FC682F1964A9878E60B32706C7794D93D692CA8BFD59E3B082D848C1AEEE8C94EBD4285B7A9DB6401B80DA69AA3B610BDCA688C20A46BC7F7BB6E193F8BAC5
assets.ad4m.at/logo/ Frame 0B2F 40 KB
41 KB 37ms
36ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/79FC682F1964A9878E60B32706C7794D93D692CA8BFD59E3B082D848C1AEEE8C94EBD4285B7A9DB6401B80DA69AA3B610BDCA688C20A46BC7F7BB6E193F8BAC5
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C12798%2C685&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2C13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2CwAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM&c=160&d=600&e=&g=ad49ec425c77567d218294f6c6deb45b%2F12333126316468682968&i=25052%2C20363%2C17908&j=16%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpy3qjbwa1c9saak788yr6zxv5htqmja5m60wdjwpb35karbkm59dsj3g5q8vm596xxhr59zbyt937basgbwrvb3fgrvgnmxe0s6p4b6rasn7hxcng76q97pyqezbvdasas5kck4xjjjzt70jg74441d3yzwnpkrjxdvr115wbwry9brcwya94mctjyzspreq27tpp02vw4hpzrb54395v9ce5ekm8zm44yghpjaxg7r5rb5ph5g7fp1mkep4jtwkk5ed3ckncd54nasn2xx8vk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJfYPOwCKZZahOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0PeFROxOycK6Lmg_9VNKzI37mkkFnPw5tkewQEqCTQB5-yOt_KniiqJUPQZQKHNkCw_xiMre7MYeDTVgTviyGvfhGj0GqeAWCJ5PhftflEDoaxIo4sK6wmUXsJb-HXxXSQw-ozGRHi-iE4MGgWg4BdZLsdAXvahCSA_EnUAL-LROdBSrU5pmNuev0Bq1NvnAtFTXX9Z1OirN_I_aNmAxYlmATtCXluw_SwLBr0_tfSnjyWxl5iZ5p-UU-7Cmtdw-NgaXHfjFtBk3PPPCQuQ6JSC6yx0DvIWfsbVUDqkmK0aWf7dYmTRZIwXZV3KE3DOABSdgB042HvDdqn6ZYobLvKCLcC6feZEf3FOlAvYnFNisvBc7670RbY2ABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3O8J_IwTbI3GueqlCiVCuHUfW8aQ%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3222bfa95a46c6088aadf2d56df60205dc04d967114a8d3c0e530152bff291a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 435191
cf-polished: origFmt=png, origSize=64298
alt-svc: h3=":443"; ma=86400
content-length: 41368
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:49:16 GMT
server: cloudflare
etag: "022fde674f8244bd6ea8e277931701d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FP6lORTNca9zt78iu9MpDxugBBNiV3ZRZqSkoRXG7IBPEALrzAgzccc6%2Fja5q8JgVajgquAW1BcBCOon%2FXAqfR4xTIwHhX95%2Bp95ZDp8pypwkDoLBDbPCiMQlU8q3cGb6qRaD%2FzsE9j6xusN"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791dafc26ab8-FRA

GET
H3 200 AA411373BF0C7F22839854CD988B15C5F40341A91B9FF5E43891BAA927BE7F66922DB3BBCB899C278DF5E0DDCD58C46383A7881875218F3A38735924199AF8CB
assets.ad4m.at/product_image/ Frame 0B2F 32 KB
32 KB 37ms
37ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/AA411373BF0C7F22839854CD988B15C5F40341A91B9FF5E43891BAA927BE7F66922DB3BBCB899C278DF5E0DDCD58C46383A7881875218F3A38735924199AF8CB
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C12798%2C685&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2C13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2CwAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM&c=160&d=600&e=&g=ad49ec425c77567d218294f6c6deb45b%2F12333126316468682968&i=25052%2C20363%2C17908&j=16%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpy3qjbwa1c9saak788yr6zxv5htqmja5m60wdjwpb35karbkm59dsj3g5q8vm596xxhr59zbyt937basgbwrvb3fgrvgnmxe0s6p4b6rasn7hxcng76q97pyqezbvdasas5kck4xjjjzt70jg74441d3yzwnpkrjxdvr115wbwry9brcwya94mctjyzspreq27tpp02vw4hpzrb54395v9ce5ekm8zm44yghpjaxg7r5rb5ph5g7fp1mkep4jtwkk5ed3ckncd54nasn2xx8vk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJfYPOwCKZZahOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0PeFROxOycK6Lmg_9VNKzI37mkkFnPw5tkewQEqCTQB5-yOt_KniiqJUPQZQKHNkCw_xiMre7MYeDTVgTviyGvfhGj0GqeAWCJ5PhftflEDoaxIo4sK6wmUXsJb-HXxXSQw-ozGRHi-iE4MGgWg4BdZLsdAXvahCSA_EnUAL-LROdBSrU5pmNuev0Bq1NvnAtFTXX9Z1OirN_I_aNmAxYlmATtCXluw_SwLBr0_tfSnjyWxl5iZ5p-UU-7Cmtdw-NgaXHfjFtBk3PPPCQuQ6JSC6yx0DvIWfsbVUDqkmK0aWf7dYmTRZIwXZV3KE3DOABSdgB042HvDdqn6ZYobLvKCLcC6feZEf3FOlAvYnFNisvBc7670RbY2ABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3O8J_IwTbI3GueqlCiVCuHUfW8aQ%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d458a5a8a0a9f0d5b5ac8020f47e4ede140c76b6237318b86a5c3afa38c9ab0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 434474
cf-polished: qual=85, origFmt=jpeg, origSize=33392
alt-svc: h3=":443"; ma=86400
content-length: 32534
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Nov 2023 12:16:59 GMT
server: cloudflare
etag: "72806258abbb9105087a5fa8e0fc1009"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqvQ14I0eHT8gMbG3KOTxglLBKXkj5UPHulvKxsZMqfhbYsAkK28yikYO6U2TjvZliM0knrkdo1yek3l5Io7Wkjjkile60PKX0PwAzwHXPtsTrJbygSLo4bfZ6xl4V2tD4LWQ9z39VM7HI1H"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791dafc36ab8-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 0B2F 43 B
703 B 104ms
104ms Image
image/gif 104.96.147.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2283025&v=11746&q=349594&r=412871&pv=1&pref3=oneidYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6qoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.96.147.178 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-147-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Dec 2023 22:20:45 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 463E 115 KB
14 KB 54ms
53ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=fd6a778f4513854fe340d159e26cabb6%2F3458388430406827594&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1703542844976&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhd3rxctb8rajr4zmw4ag16y2eymeyqhvgyhcc2jtnhpnc216901vyvh4sr3wrdjmr89s9bj2024nbk7jtfeemt1bz2k5t9y3mbnq25zczf42gv10c6ef6709mraby08hbkst6hyec3eemmnpnt8bkv14cgfkaxm4dw7z450j1pqh72bg1verg3pw87nzt3a808vjs76sfmeq44497vacyrg5ytn3qcx2csbgve847264hbvqb8nc0zyvzkvnz70n59cmrj8xc019k2angg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiU42OwCKZZehOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0FvycjXe_1kHWtTjnYzqJVCrL7kx4yJ1nz6rFPReUkBkYz2zeBkzLjJsWJZ5Alcq3gOhWHpRFnpBnjLbSUI_n6puaG8zbdqUwFdx6u5okiXjrpFKatyooi9ZzEBaPEYmBgxw8dAvoWl2uqmNPfDyXbswgNfDNe_qZOWW9jJbzDoNY7-FHLNAGjz3E2Zp9zB3b0u4GvxGZFQnuonsUdnL5cCs1oWGnKFuljvPUkUFSPD-qZKriQEcsJzTCOzTSutUGMadUJNSmM1qNC8N4TopYV4abgAc-u7QmqGj_R_DzkWQtg_TTLMBEbuTLJ8qAdjGxd5W7WV-kQ-Q9-8fh4tEgum0fr9r0GG5xQWrJvLy5Y80gHa4DklJhlSABujT1d-Jy93T1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15sxHpokwjHNY7Qy8d3lcCdRcVUA%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=fd6a778f4513854fe340d159e26cabb6%2F3458388430406827594&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1703542844976&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhd3rxctb8rajr4zmw4ag16y2eymeyqhvgyhcc2jtnhpnc216901vyvh4sr3wrdjmr89s9bj2024nbk7jtfeemt1bz2k5t9y3mbnq25zczf42gv10c6ef6709mraby08hbkst6hyec3eemmnpnt8bkv14cgfkaxm4dw7z450j1pqh72bg1verg3pw87nzt3a808vjs76sfmeq44497vacyrg5ytn3qcx2csbgve847264hbvqb8nc0zyvzkvnz70n59cmrj8xc019k2angg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiU42OwCKZZehOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0FvycjXe_1kHWtTjnYzqJVCrL7kx4yJ1nz6rFPReUkBkYz2zeBkzLjJsWJZ5Alcq3gOhWHpRFnpBnjLbSUI_n6puaG8zbdqUwFdx6u5okiXjrpFKatyooi9ZzEBaPEYmBgxw8dAvoWl2uqmNPfDyXbswgNfDNe_qZOWW9jJbzDoNY7-FHLNAGjz3E2Zp9zB3b0u4GvxGZFQnuonsUdnL5cCs1oWGnKFuljvPUkUFSPD-qZKriQEcsJzTCOzTSutUGMadUJNSmM1qNC8N4TopYV4abgAc-u7QmqGj_R_DzkWQtg_TTLMBEbuTLJ8qAdjGxd5W7WV-kQ-Q9-8fh4tEgum0fr9r0GG5xQWrJvLy5Y80gHa4DklJhlSABujT1d-Jy93T1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15sxHpokwjHNY7Qy8d3lcCdRcVUA%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2313043
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6wRttXnoj%2Bo7ExzqB3V5LNS1FPCftTRaVr2i0PQeHtNrET9nY0xmA%2BY5%2BJn%2BMMWmmoyi4EU13x4QTAaLehDwtauiN%2BbuiCcnnto4Sv%2BZC09IPm4b9w%2B33ghzwdScEqeM3J5YRbE4CCg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 83b4791dbfcb6ab8-FRA
expires: Tue, 26 Dec 2023 22:20:45 GMT

GET
H3 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 463E 8 KB
8 KB 55ms
54ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=fd6a778f4513854fe340d159e26cabb6%2F3458388430406827594&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1703542844976&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhd3rxctb8rajr4zmw4ag16y2eymeyqhvgyhcc2jtnhpnc216901vyvh4sr3wrdjmr89s9bj2024nbk7jtfeemt1bz2k5t9y3mbnq25zczf42gv10c6ef6709mraby08hbkst6hyec3eemmnpnt8bkv14cgfkaxm4dw7z450j1pqh72bg1verg3pw87nzt3a808vjs76sfmeq44497vacyrg5ytn3qcx2csbgve847264hbvqb8nc0zyvzkvnz70n59cmrj8xc019k2angg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiU42OwCKZZehOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0FvycjXe_1kHWtTjnYzqJVCrL7kx4yJ1nz6rFPReUkBkYz2zeBkzLjJsWJZ5Alcq3gOhWHpRFnpBnjLbSUI_n6puaG8zbdqUwFdx6u5okiXjrpFKatyooi9ZzEBaPEYmBgxw8dAvoWl2uqmNPfDyXbswgNfDNe_qZOWW9jJbzDoNY7-FHLNAGjz3E2Zp9zB3b0u4GvxGZFQnuonsUdnL5cCs1oWGnKFuljvPUkUFSPD-qZKriQEcsJzTCOzTSutUGMadUJNSmM1qNC8N4TopYV4abgAc-u7QmqGj_R_DzkWQtg_TTLMBEbuTLJ8qAdjGxd5W7WV-kQ-Q9-8fh4tEgum0fr9r0GG5xQWrJvLy5Y80gHa4DklJhlSABujT1d-Jy93T1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15sxHpokwjHNY7Qy8d3lcCdRcVUA%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 429192
cf-polished: qual=85, origFmt=jpeg, origSize=12951
alt-svc: h3=":443"; ma=86400
content-length: 7758
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Oct 2023 22:22:01 GMT
server: cloudflare
etag: "12e3523b35b31c7ddfe7c77dcdb14a34"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCtWK460tJgjRoyCpX5zQWkfTRL9taARR48MFUuqzfazIozsaLq6BoT6CgxdahnbLeUA4ETi8sp93fzqEpFaL3IyV0vG8wXipHIiEHqHJEValJVBlgx6AGlx0o3pEBIDDf5Rd%2F%2FugzG%2FyFoH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791dbfcc6ab8-FRA

GET
H3 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 463E 20 KB
21 KB 55ms
55ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=fd6a778f4513854fe340d159e26cabb6%2F3458388430406827594&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1703542844976&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhd3rxctb8rajr4zmw4ag16y2eymeyqhvgyhcc2jtnhpnc216901vyvh4sr3wrdjmr89s9bj2024nbk7jtfeemt1bz2k5t9y3mbnq25zczf42gv10c6ef6709mraby08hbkst6hyec3eemmnpnt8bkv14cgfkaxm4dw7z450j1pqh72bg1verg3pw87nzt3a808vjs76sfmeq44497vacyrg5ytn3qcx2csbgve847264hbvqb8nc0zyvzkvnz70n59cmrj8xc019k2angg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiU42OwCKZZehOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0FvycjXe_1kHWtTjnYzqJVCrL7kx4yJ1nz6rFPReUkBkYz2zeBkzLjJsWJZ5Alcq3gOhWHpRFnpBnjLbSUI_n6puaG8zbdqUwFdx6u5okiXjrpFKatyooi9ZzEBaPEYmBgxw8dAvoWl2uqmNPfDyXbswgNfDNe_qZOWW9jJbzDoNY7-FHLNAGjz3E2Zp9zB3b0u4GvxGZFQnuonsUdnL5cCs1oWGnKFuljvPUkUFSPD-qZKriQEcsJzTCOzTSutUGMadUJNSmM1qNC8N4TopYV4abgAc-u7QmqGj_R_DzkWQtg_TTLMBEbuTLJ8qAdjGxd5W7WV-kQ-Q9-8fh4tEgum0fr9r0GG5xQWrJvLy5Y80gHa4DklJhlSABujT1d-Jy93T1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15sxHpokwjHNY7Qy8d3lcCdRcVUA%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8be82f349b2994d7f0ed7fcba5e50ffb8a960f135e513b34730af4578cab9883

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 440852
cf-polished: qual=85, origFmt=jpeg, origSize=23329
alt-svc: h3=":443"; ma=86400
content-length: 20802
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 Oct 2023 16:54:32 GMT
server: cloudflare
etag: "e320c43993ae8577c544483e96756c59"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uY1u1IUhSJFEGCShbkkikuXwYsAXfNZYHQm28hRsKDAl9VaqzJpHpur4H75ZKunT5OvHI3AaNrtVum%2Bg9GtexkJxAKpbyoIum4G2DPvSgogLHcBfLRcib%2FhFqAjzZbUN1Cp53ut3z9ZhkA1S"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791dbfcd6ab8-FRA

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 463E
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPr_j9HPq4MDFS-cgwcdFJwHxw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023122523204591637156207X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Ne...

49 B
1 KB

45ms
45ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023122523204591637156207X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023122523204591637156207X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=fd6a778f4513854fe340d159e26cabb6%2F3458388430406827594&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1703542844976&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhd3rxctb8rajr4zmw4ag16y2eymeyqhvgyhcc2jtnhpnc216901vyvh4sr3wrdjmr89s9bj2024nbk7jtfeemt1bz2k5t9y3mbnq25zczf42gv10c6ef6709mraby08hbkst6hyec3eemmnpnt8bkv14cgfkaxm4dw7z450j1pqh72bg1verg3pw87nzt3a808vjs76sfmeq44497vacyrg5ytn3qcx2csbgve847264hbvqb8nc0zyvzkvnz70n59cmrj8xc019k2angg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiU42OwCKZZehOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0FvycjXe_1kHWtTjnYzqJVCrL7kx4yJ1nz6rFPReUkBkYz2zeBkzLjJsWJZ5Alcq3gOhWHpRFnpBnjLbSUI_n6puaG8zbdqUwFdx6u5okiXjrpFKatyooi9ZzEBaPEYmBgxw8dAvoWl2uqmNPfDyXbswgNfDNe_qZOWW9jJbzDoNY7-FHLNAGjz3E2Zp9zB3b0u4GvxGZFQnuonsUdnL5cCs1oWGnKFuljvPUkUFSPD-qZKriQEcsJzTCOzTSutUGMadUJNSmM1qNC8N4TopYV4abgAc-u7QmqGj_R_DzkWQtg_TTLMBEbuTLJ8qAdjGxd5W7WV-kQ-Q9-8fh4tEgum0fr9r0GG5xQWrJvLy5Y80gHa4DklJhlSABujT1d-Jy93T1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15sxHpokwjHNY7Qy8d3lcCdRcVUA%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:20:45 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023122523204591637156207X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023122523204591637156207X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
date: Mon, 25 Dec 2023 22:20:45 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 463E 4 KB
5 KB 54ms
54ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=fd6a778f4513854fe340d159e26cabb6%2F3458388430406827594&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1703542844976&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhd3rxctb8rajr4zmw4ag16y2eymeyqhvgyhcc2jtnhpnc216901vyvh4sr3wrdjmr89s9bj2024nbk7jtfeemt1bz2k5t9y3mbnq25zczf42gv10c6ef6709mraby08hbkst6hyec3eemmnpnt8bkv14cgfkaxm4dw7z450j1pqh72bg1verg3pw87nzt3a808vjs76sfmeq44497vacyrg5ytn3qcx2csbgve847264hbvqb8nc0zyvzkvnz70n59cmrj8xc019k2angg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiU42OwCKZZehOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0FvycjXe_1kHWtTjnYzqJVCrL7kx4yJ1nz6rFPReUkBkYz2zeBkzLjJsWJZ5Alcq3gOhWHpRFnpBnjLbSUI_n6puaG8zbdqUwFdx6u5okiXjrpFKatyooi9ZzEBaPEYmBgxw8dAvoWl2uqmNPfDyXbswgNfDNe_qZOWW9jJbzDoNY7-FHLNAGjz3E2Zp9zB3b0u4GvxGZFQnuonsUdnL5cCs1oWGnKFuljvPUkUFSPD-qZKriQEcsJzTCOzTSutUGMadUJNSmM1qNC8N4TopYV4abgAc-u7QmqGj_R_DzkWQtg_TTLMBEbuTLJ8qAdjGxd5W7WV-kQ-Q9-8fh4tEgum0fr9r0GG5xQWrJvLy5Y80gHa4DklJhlSABujT1d-Jy93T1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15sxHpokwjHNY7Qy8d3lcCdRcVUA%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 438075
cf-polished: qual=85, origFmt=jpeg, origSize=7258
alt-svc: h3=":443"; ma=86400
content-length: 4294
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 09:56:16 GMT
server: cloudflare
etag: "679602b08629bcaaabfcfad4e68fe53a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6lklZFwVb72qtNUb7dTzsEWZSbznf7p5KvWYE2l0sCGkI4xc%2B1iKmc91p8kBNmPfgJqn2ege4xOgh4vjVITY8sPF2EddOKT1GPR5w1oQ7rxuZaTGOlKkaeT6Kll2iu2vwgPQQO2uSPhsEl9w"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791dbfcf6ab8-FRA

GET
H3 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 463E 15 KB
16 KB 55ms
54ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=fd6a778f4513854fe340d159e26cabb6%2F3458388430406827594&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1703542844976&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhd3rxctb8rajr4zmw4ag16y2eymeyqhvgyhcc2jtnhpnc216901vyvh4sr3wrdjmr89s9bj2024nbk7jtfeemt1bz2k5t9y3mbnq25zczf42gv10c6ef6709mraby08hbkst6hyec3eemmnpnt8bkv14cgfkaxm4dw7z450j1pqh72bg1verg3pw87nzt3a808vjs76sfmeq44497vacyrg5ytn3qcx2csbgve847264hbvqb8nc0zyvzkvnz70n59cmrj8xc019k2angg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiU42OwCKZZehOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0FvycjXe_1kHWtTjnYzqJVCrL7kx4yJ1nz6rFPReUkBkYz2zeBkzLjJsWJZ5Alcq3gOhWHpRFnpBnjLbSUI_n6puaG8zbdqUwFdx6u5okiXjrpFKatyooi9ZzEBaPEYmBgxw8dAvoWl2uqmNPfDyXbswgNfDNe_qZOWW9jJbzDoNY7-FHLNAGjz3E2Zp9zB3b0u4GvxGZFQnuonsUdnL5cCs1oWGnKFuljvPUkUFSPD-qZKriQEcsJzTCOzTSutUGMadUJNSmM1qNC8N4TopYV4abgAc-u7QmqGj_R_DzkWQtg_TTLMBEbuTLJ8qAdjGxd5W7WV-kQ-Q9-8fh4tEgum0fr9r0GG5xQWrJvLy5Y80gHa4DklJhlSABujT1d-Jy93T1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15sxHpokwjHNY7Qy8d3lcCdRcVUA%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2386503
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 15521
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:09:52 GMT
server: cloudflare
etag: "269bd58060bc660c3aec98b388bae571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIRMCIjRBmgxi%2FuyUxQ2WwSb2jO%2BbKhSi9Y%2FIN634GYRfjnoWsXiaCy69MM6V4iBrwPhTxkUz299cNa80%2FGEilLxO4d0%2FIPcomKZ%2F841AWjCZwL80%2FUr4ZDKxiorCH0F7dpvFkElcwl8GDNy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791dbfd16ab8-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 463E 43 B
705 B 99ms
98ms Image
image/gif 104.96.147.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneid2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcgoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=fd6a778f4513854fe340d159e26cabb6%2F3458388430406827594&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1703542844976&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhd3rxctb8rajr4zmw4ag16y2eymeyqhvgyhcc2jtnhpnc216901vyvh4sr3wrdjmr89s9bj2024nbk7jtfeemt1bz2k5t9y3mbnq25zczf42gv10c6ef6709mraby08hbkst6hyec3eemmnpnt8bkv14cgfkaxm4dw7z450j1pqh72bg1verg3pw87nzt3a808vjs76sfmeq44497vacyrg5ytn3qcx2csbgve847264hbvqb8nc0zyvzkvnz70n59cmrj8xc019k2angg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiU42OwCKZZehOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0FvycjXe_1kHWtTjnYzqJVCrL7kx4yJ1nz6rFPReUkBkYz2zeBkzLjJsWJZ5Alcq3gOhWHpRFnpBnjLbSUI_n6puaG8zbdqUwFdx6u5okiXjrpFKatyooi9ZzEBaPEYmBgxw8dAvoWl2uqmNPfDyXbswgNfDNe_qZOWW9jJbzDoNY7-FHLNAGjz3E2Zp9zB3b0u4GvxGZFQnuonsUdnL5cCs1oWGnKFuljvPUkUFSPD-qZKriQEcsJzTCOzTSutUGMadUJNSmM1qNC8N4TopYV4abgAc-u7QmqGj_R_DzkWQtg_TTLMBEbuTLJ8qAdjGxd5W7WV-kQ-Q9-8fh4tEgum0fr9r0GG5xQWrJvLy5Y80gHa4DklJhlSABujT1d-Jy93T1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15sxHpokwjHNY7Qy8d3lcCdRcVUA%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.96.147.178 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-147-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Dec 2023 22:20:45 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 463E 2 KB
2 KB 56ms
55ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=fd6a778f4513854fe340d159e26cabb6%2F3458388430406827594&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1703542844976&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhd3rxctb8rajr4zmw4ag16y2eymeyqhvgyhcc2jtnhpnc216901vyvh4sr3wrdjmr89s9bj2024nbk7jtfeemt1bz2k5t9y3mbnq25zczf42gv10c6ef6709mraby08hbkst6hyec3eemmnpnt8bkv14cgfkaxm4dw7z450j1pqh72bg1verg3pw87nzt3a808vjs76sfmeq44497vacyrg5ytn3qcx2csbgve847264hbvqb8nc0zyvzkvnz70n59cmrj8xc019k2angg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiU42OwCKZZehOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0FvycjXe_1kHWtTjnYzqJVCrL7kx4yJ1nz6rFPReUkBkYz2zeBkzLjJsWJZ5Alcq3gOhWHpRFnpBnjLbSUI_n6puaG8zbdqUwFdx6u5okiXjrpFKatyooi9ZzEBaPEYmBgxw8dAvoWl2uqmNPfDyXbswgNfDNe_qZOWW9jJbzDoNY7-FHLNAGjz3E2Zp9zB3b0u4GvxGZFQnuonsUdnL5cCs1oWGnKFuljvPUkUFSPD-qZKriQEcsJzTCOzTSutUGMadUJNSmM1qNC8N4TopYV4abgAc-u7QmqGj_R_DzkWQtg_TTLMBEbuTLJ8qAdjGxd5W7WV-kQ-Q9-8fh4tEgum0fr9r0GG5xQWrJvLy5Y80gHa4DklJhlSABujT1d-Jy93T1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15sxHpokwjHNY7Qy8d3lcCdRcVUA%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 434744
cf-polished: origFmt=png, origSize=2170
alt-svc: h3=":443"; ma=86400
content-length: 1662
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Nov 2023 08:38:25 GMT
server: cloudflare
etag: "4721aa7c2d5fa652c8092463f9a485bd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBTMPqhVLoTLWNj9%2BDZcYgMzlws6QhEO%2FlneNmLfIxrCZabE%2BBE92A4mJfmIasvJfAoMGk%2FvbfHQoJvJy6SxZjAeSeKxExzqAffD3Lhw%2BxygbpxtX6STy1NQqCX%2Fe%2Bu%2FNunlX6vpXfOnYKuM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791dbfd26ab8-FRA

GET
H3 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 463E 23 KB
23 KB 56ms
56ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=fd6a778f4513854fe340d159e26cabb6%2F3458388430406827594&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1703542844976&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jhd3rxctb8rajr4zmw4ag16y2eymeyqhvgyhcc2jtnhpnc216901vyvh4sr3wrdjmr89s9bj2024nbk7jtfeemt1bz2k5t9y3mbnq25zczf42gv10c6ef6709mraby08hbkst6hyec3eemmnpnt8bkv14cgfkaxm4dw7z450j1pqh72bg1verg3pw87nzt3a808vjs76sfmeq44497vacyrg5ytn3qcx2csbgve847264hbvqb8nc0zyvzkvnz70n59cmrj8xc019k2angg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiU42OwCKZZehOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0FvycjXe_1kHWtTjnYzqJVCrL7kx4yJ1nz6rFPReUkBkYz2zeBkzLjJsWJZ5Alcq3gOhWHpRFnpBnjLbSUI_n6puaG8zbdqUwFdx6u5okiXjrpFKatyooi9ZzEBaPEYmBgxw8dAvoWl2uqmNPfDyXbswgNfDNe_qZOWW9jJbzDoNY7-FHLNAGjz3E2Zp9zB3b0u4GvxGZFQnuonsUdnL5cCs1oWGnKFuljvPUkUFSPD-qZKriQEcsJzTCOzTSutUGMadUJNSmM1qNC8N4TopYV4abgAc-u7QmqGj_R_DzkWQtg_TTLMBEbuTLJ8qAdjGxd5W7WV-kQ-Q9-8fh4tEgum0fr9r0GG5xQWrJvLy5Y80gHa4DklJhlSABujT1d-Jy93T1gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_15sxHpokwjHNY7Qy8d3lcCdRcVUA%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2320900
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 23392
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:08:23 GMT
server: cloudflare
etag: "faa9f958d13ef03f911b71f117846705"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oguDD6fhRnvz8kdFDVEGQ0T0W6bUjhBLiBn5zCigKS0EaaadlNviP968LZq6j5e7ZMYUmRKvPj81YqarjLEAlOJyfQU88Y4%2FIYj%2FP2PI4U0mT5GqnZGx%2FDSG9HGnuxo7yRUjS9RfFbEFXKmq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b4791dbfd36ab8-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 463E 43 B
705 B 136ms
72ms Image
image/gif 104.96.147.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.96.147.178 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-147-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Dec 2023 22:20:45 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E23A 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstiLh3VUPxoy6ZtC8zjQ34fZGrZy_mmvZaDoiQF9YQCS6Jq_jCK23M2brXRCoFF8F-z4X-SIoPYFlUyuGcPcFkjQJdiwswsLPNHym_lY2uT1gSUZ6QgSA&sig=Cg0ArKJSzAwJ03ktzf29EAE&id=lidar2&mcvt=1000&p=0,0,50,320&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2977947412&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703542844099&rpt=149&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 766B 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVvdEV5f6UH-SnTWxvim_CYON0eBtu8CDJSqk8ocD3PQYr73sdWmDU03KWyo6TFFddfB4fWfU2wlhnLfKM5P2K9-SYS3KU2G3EuAHQGDYmJBJyI76aDg&sig=Cg0ArKJSzITJqgGboailEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1721480579&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703542843635&rpt=675&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 postview Show response
www.eprimo.de/ Frame 3C98 334 B
462 B 89ms
24ms Document
text/html 52.58.49.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eprimo.de/postview?hp=8000001991&pvid=658a003db3766501af65afaf&gdpr=0&gdpr_consent=&gdpr_pd=0

Requested by

Host: netzwerk.uppr.de
URL: https://netzwerk.uppr.de/trck/epv/af4ff75e9ff0f691fd8dd53e639ddaad?subid=oneid13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7droneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.58.49.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-49-138.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4803fb9ad425e3d59451441ac6a7c901a4392f78f7732f07aa2a5292503460bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 25 Dec 2023 22:20:45 GMT
etag: W/"658004d6-14e"
last-modified: Mon, 18 Dec 2023 08:37:42 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 88x31.png
ht.uppr.de/campaign_118_eprimo/20210714_Logos/ Frame 0B2F 4 KB
4 KB 81ms
23ms Image
image/png 54.37.204.178
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ht.uppr.de/campaign_118_eprimo/20210714_Logos/88x31.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C12798%2C685&b=ZxqHwfBfMzDtmHDHDt3t6R4T6SXTQRBuY51p%2C13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr%2CYxRHrf3fkXaVH9HetQteg5ukS1Td9rF1Z6q&f=9jbSMfmfGdBtKHBH2tzCVWAc9SmTzPMfrbJW%2CwAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1%2Cq42umfWfAzSZHgHDtRCwrdHeSgTJD5sq4xM&c=160&d=600&e=&g=ad49ec425c77567d218294f6c6deb45b%2F12333126316468682968&i=25052%2C20363%2C17908&j=16%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1703542844967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kpy3qjbwa1c9saak788yr6zxv5htqmja5m60wdjwpb35karbkm59dsj3g5q8vm596xxhr59zbyt937basgbwrvb3fgrvgnmxe0s6p4b6rasn7hxcng76q97pyqezbvdasas5kck4xjjjzt70jg74441d3yzwnpkrjxdvr115wbwry9brcwya94mctjyzspreq27tpp02vw4hpzrb54395v9ce5ekm8zm44yghpjaxg7r5rb5ph5g7fp1mkep4jtwkk5ed3ckncd54nasn2xx8vk%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJfYPOwCKZZahOJz3mLAP59itmA6Q4YGEXLaoworwAsCNtwEQASAAYJWCgICoB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmgJP0PeFROxOycK6Lmg_9VNKzI37mkkFnPw5tkewQEqCTQB5-yOt_KniiqJUPQZQKHNkCw_xiMre7MYeDTVgTviyGvfhGj0GqeAWCJ5PhftflEDoaxIo4sK6wmUXsJb-HXxXSQw-ozGRHi-iE4MGgWg4BdZLsdAXvahCSA_EnUAL-LROdBSrU5pmNuev0Bq1NvnAtFTXX9Z1OirN_I_aNmAxYlmATtCXluw_SwLBr0_tfSnjyWxl5iZ5p-UU-7Cmtdw-NgaXHfjFtBk3PPPCQuQ6JSC6yx0DvIWfsbVUDqkmK0aWf7dYmTRZIwXZV3KE3DOABSdgB042HvDdqn6ZYobLvKCLcC6feZEf3FOlAvYnFNisvBc7670RbY2ABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYwdXI0M-rgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3O8J_IwTbI3GueqlCiVCuHUfW8aQ%2526client%253Dca-pub-4766656075352824%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.37.204.178 , France, ASN16276 (OVH, FR),
Reverse DNS: 178.ip-54-37-204.eu
Software: nginx/1.24.0 /
Resource Hash: b5cbed9147f88e081848cdd63a0791004ad19c85d075033508db726df783c558

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:45 GMT
last-modified: Wed, 14 Jul 2021 10:35:04 GMT
server: nginx/1.24.0
accept-ranges: bytes
etag: "60eebdd8-116b"
content-length: 4459
content-type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A17C 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCF0wSk2wZAPfoVzXr-9ezDwRL4NG2XDZnxhz96yoL9FPvnbj8jeALKMpIupEG69wj6rQ4CJYaZGSfZc5NB01bR8ullblYOpVlIs-6dcpkbtxspWcgsQ&sig=Cg0ArKJSzLzqTYzD19l0EAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1564824845&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703542844272&rpt=95&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookieFork.js Show response
www.eprimo.de/postview/ Frame 3C98 9 KB
3 KB 23ms
22ms Script
application/javascript 52.58.49.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eprimo.de/postview/cookieFork.js

Requested by

Host: www.eprimo.de
URL: https://www.eprimo.de/postview?hp=8000001991&pvid=658a003db3766501af65afaf&gdpr=0&gdpr_consent=&gdpr_pd=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.58.49.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-49-138.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

48c851642ddc61a2093c2445e17251c1b7465d979185267312ddc5b496828813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eprimo.de/postview?hp=8000001991&pvid=658a003db3766501af65afaf&gdpr=0&gdpr_consent=&gdpr_pd=0
Origin: https://www.eprimo.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 18 Dec 2023 08:37:42 GMT
server: nginx
content-encoding: gzip
etag: W/"658004d6-24ea"
content-type: application/javascript
x-xss-protection: 1; mode=block

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame ED51 16 B
209 B 94ms
91ms Fetch
application/json 35.177.175.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.177.175.102 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-177-175-102.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Dec 2023 22:20:45 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 146ms
40ms Preflight 35.177.175.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.175.102 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-175-102.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 25 Dec 2023 22:20:45 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame DD0A 16 B
209 B 87ms
85ms Fetch
application/json 35.177.175.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.177.175.102 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-177-175-102.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Dec 2023 22:20:45 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 137ms
41ms Preflight 35.177.175.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.175.102 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-175-102.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 25 Dec 2023 22:20:45 GMT
server: nginx

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 71ms
70ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a6ad9d619f093f06c0a4e8d9a3836f16945bcaf847951f26880315b9613c3aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12195
x-xss-protection: 0

GET
H2 200 comments.php
www.facebook.com/v2.5/plugins/ Frame 79C4 0
0 122ms
121ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.5/plugins/comments.php?app_id=417184695094507&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b410b13a58d04%26domain%3Dwww.paranaturismo.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.paranaturismo.com.br%252Ff166352205174f8%26relation%3Dparent.parent&color_scheme=light&container_width=518&height=100&href=https%3A%2F%2Fwww.paranaturismo.com.br%2Flunardelli%2F&locale=pt_BR&numposts=5&sdk=joey&version=v2.5&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=e8e4966a035ed8e9158c41c5a11f61b3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.paranaturismo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 25 Dec 2023 22:20:45 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: EDQngOl87u3pYKHC588UdlQByr66HV8Wmc7mh8uwoEVd/4TgMcYFa+IBgAue++L4bguAxyAHvZO52ZRvkRfSAA==
x-frame-options: DENY
x-xss-protection: 0

GET
H3

200

/
www.facebook.com/login/ Frame 5DE7
Redirect Chain

https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=417184695094507&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df42d...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D417184695094507%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

190ms
190ms

Document
text/html

2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D417184695094507%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df42de6531cf4b8%2526domain%253Dwww.paranaturismo.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.paranaturismo.com.br%25252Ff166352205174f8%2526relation%253Dparent.parent%26container_width%3D320%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fparanaturismo%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse%26width%3D318

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=e8e4966a035ed8e9158c41c5a11f61b3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.paranaturismo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 25 Dec 2023 22:20:45 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: e71s4qVN0y38DQynLi/cqtReQMghQ9rpQ6Xl4735/srrtcixdkwh1siUv1PkIemQ6s/q0XwvREbopJ1Uy0fmhg==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:20:45 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D417184695094507%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df42de6531cf4b8%2526domain%253Dwww.paranaturismo.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.paranaturismo.com.br%25252Ff166352205174f8%2526relation%253Dparent.parent%26container_width%3D320%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fparanaturismo%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse%26width%3D318
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=()
pragma: no-cache
reporting-endpoints
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: lsTRk/bPKHU/8TWFfjZ8JwjoAr6zsupMht93B9H1TrR/U58W8355oviNHQdKqibWXszyHAA+74g16m4JfiOntg==
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Dec 2023 22:20:45 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2758 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paranaturismo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 43524
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 10:15:21 GMT
expires: Tue, 24 Dec 2024 10:15:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 80F1 829 B
561 B 32ms
31ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dc8f52748be03eba628aaa299cae6942612babbc3f1431fff5c942fc54994ba3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xOyzEvuEPsRwUfOKQX8WKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paranaturismo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-xOyzEvuEPsRwUfOKQX8WKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:20:45 GMT
expires: Mon, 25 Dec 2023 22:20:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 2758 39 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Dec 2024 10:15:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 80F1 0
0 56ms
56ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3275849631077340&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2758 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KcxJYQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:20:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 487F 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu15HuERKWJIHz5C67n_biVZDreVCl4nECrYwS1183gX86vcU6g9kweRybKWIQkYdKegvdEddI_dYCKOQOsHM6n7GDiUStpdjq_mRcQjEwrAr_Sw7YJsA&sig=Cg0ArKJSzN9kR8gRhFjvEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703542844738&rpt=100&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6C9B 42 B
64 B 59ms
58ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0icrveg4aXk71GxWmQH581BXlyvfdQ6UzGQ232TCaBfuncvY7kTRsCnM0VxpygR5gkWpOA0o2xneW69r0tBJqXTY6RsrMOdM8foS1-vZYEeeErEaqsw&sig=Cg0ArKJSzN1V1L-BAUzxEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703542844757&rpt=108&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:20:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
59ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3275849631077340&bg=!FhWlFVrNAAY3kmNgF5I7ADQBe5WfOM3Rjid4LwXUIZLl_XGRP-F7mXcGh_TvY3D_3ZT7m0_U11Y0kaCzDQVq8arGSPoCAgAAADBSAAAAAmgBBwoABZZdEn90mQL547hmJVJcBI-paU3-YzWjsiJePOmxaKQQ7OxuEeHY0zIdoBmP17j__rGuyBT9j1gdRtkZCBVFiHN5eo_EZ98sYF5daR6zVDdkl13FoDGi8In41Gta9l4KmL0PMQcBeH_MTHHki_ri-60WurlwoBp7qsAwB8jl8ecEuAMfsG6YqqXaGBQo3vp6e61-SVP5EoHHcG7xbqtAG_StvRRcI-DxTpBgPZyvgoMiZZuhHkU0msfC28DfM9a8b_dK-615aF-yDxygT3-uuYDqcHSBd0NhQ_V_JblLNOH7U-l9GmiPLBVPwZXvtuoiFhrz5xedF8etpQPQ23E3o72Durrzlx6v8Z_Uup3NKJgsJyVfsNf54511tafIZK0Ff5Jc3u0Xry6xGRKKM0wVAg4OngkCP1eUDAkgSMZmEZrpJ4uJr-dMXDm_WDWA96PgNjhM2m3jlx3AIiWD0w0KpPHG0mh9Fl4_HZVXMexwm_4GuSSaMCQKWEBwbT7f9quHHSr8CngVmmwXciLbmxmhf_-vRGxt3FLbuP6x_zb05AAGawHPSkP0E03Rgl6DYs5EkCDCHE6TL6YUT7kMRvfC6d1vC74E5VbRbxeXG7G7RF8mGP1-X7Y-4wH0UonF5Yhj6UtPRpzaNgmooytoZwvLVLh36BJfU93vNikKWke4MZuqVppS73-PsYSPHEs3p92UJUORAjyq8xfSCgUgZz2G9MyTtRjh1XQ7_EWzYoJ_1t4Q6FVB_z1BdP5hTgMmMg3slmS3ExMzDJ5el5yt6mGhmAKz5aXr_Pp4okX_1qhJ-1M-LaRgNiCM01_POECe5mj-BuAbmrV07YazWmXf5Zb_iwL8RPwb3vJN4qCozhdqBoiXXtgZDgbzzoh417RJC_-nRdOplxA3JlTRbUiUb4IJGcT4SgEOWN3rDYjQnC7EEbCSuz4yKCfB76LV7x987k5E-wZ8ArXp70UVQTcyTDBdLLJFLld1pZ7FAg8IShtvwYiIi_kaL_076h3pcCH946iOR0w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paranaturismo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

233 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

71 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 17:55:34	Name: userId Value: pkB9sC9vAv6AwO9JQi31pvjAVhxZn5TU
.paranaturismo.com.br/	1970-01-21 02:48:22	Name: __utma Value: 261471116.369014989.1703542844.1703542844.1703542844.1
.paranaturismo.com.br/	1969-12-31 23:59:59	Name: __utmc Value: 261471116
.paranaturismo.com.br/	1970-01-20 21:35:10	Name: __utmz Value: 261471116.1703542844.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.paranaturismo.com.br/	1970-01-20 17:12:23	Name: __utmt Value: 1
.paranaturismo.com.br/	1970-01-20 17:12:24	Name: __utmb Value: 261471116.1.10.1703542844
www.paranaturismo.com.br/	1970-01-20 17:12:23	Name: sbfpPopup Value: paranaturismo
.paranaturismo.com.br/	1970-01-20 19:21:58	Name: _gcl_au Value: 1.1.824607880.1703542844
.paranaturismo.com.br/	1970-01-21 02:48:22	Name: _ga Value: GA1.3.369014989.1703542844
.paranaturismo.com.br/	1970-01-20 17:13:49	Name: _gid Value: GA1.3.1709108765.1703542844
.paranaturismo.com.br/	1970-01-20 17:12:22	Name: _gat_gtag_UA_11373939_21 Value: 1
.paranaturismo.com.br/	1970-01-21 02:33:58	Name: __gads Value: ID=35b7855789c55b5f:T=1703542843:RT=1703542843:S=ALNI_Ma3GGCiC3VoHLEnziJ6X8gyYPvy4Q
.paranaturismo.com.br/	1970-01-21 02:33:58	Name: __gpi Value: UID=00000d2b20f034dc:T=1703542843:RT=1703542843:S=ALNI_MZxjnff8XtJh8aYj0IZp6MNHrsbHg
.simpli.fi/	1970-01-21 01:59:25	Name: suid Value: 01F855ECA5EA4A1297B4233D9DAB710C
.adform.net/	1970-01-20 17:57:01	Name: C Value: 1
.adfarm1.adition.com/	1970-01-20 19:21:58	Name: UserID1 Value: 7316660802319677583
.adform.net/	1970-01-20 18:38:46	Name: uid Value: 3118117303342830565
.de17a.com/	1970-01-21 01:50:46	Name: guid Value: 1.7235988500474836182
.yahoo.com/	1970-01-21 01:58:20	Name: A3 Value: d=AQABBDwAimUCEDZ65hcspJMKdeyc4F19gd8FEgEBAQFRi2WTZQAAAAAA_eMAAA&S=AQAAAkKF2JnKAC5xhoWtGInS1H4
.quantserve.com/	1970-01-20 19:21:58	Name: d Value: EG0BCQHfKoEA
.quantserve.com/	1970-01-21 02:42:37	Name: mc Value: 658a003c-5ecb7-be84d-3456f
.ctnsnet.com/	1970-01-21 01:57:58	Name: cid_952a96e6e1cb49f389641c8efb0e9bba Value: 1
.ctnsnet.com/	1970-01-21 01:57:58	Name: gid_CAESEMUk16-b0JK0dFmkgDjGWl4 Value: 1
.travelaudience.com/	1970-01-21 02:44:03	Name: _tracker Value: %7B%22UUID%22%3A%22C039821D-9918-4D38-3D94-CB1029C9DEB1%22%7D
.e.dlx.addthis.com/	1970-01-21 02:42:37	Name: na_tc Value: Y
.agkn.com/	1970-01-21 01:57:58	Name: ab Value: 0001%3Aq5HO%2BqXOxqkbPxe0vykHklodKZK%2BFAg3
.everesttech.net/	1970-01-21 01:57:58	Name: everest_g_v2 Value: g_surferid~ZYoAPAAJqAJx7ABd
.doubleclick.net/	1970-01-21 02:33:58	Name: IDE Value: AHWqTUk3_NY_rbXsEohNQfoHoAEPxLfJEjXBEh-DLxJ7ZvIBDcW4F3UJqMC0qj8XK7E
.tribalfusion.com/	1970-01-20 19:21:58	Name: ANON_ID Value: aFntuJrZcAQ9BqEr72it9ZdJqerItPMUBPK02MPSN6eF2tuL6bEJ2bZb5TttNE0g7MGYpoZaEJJxFiVWgqZdcBHfJvEoE
.turn.com/	1970-01-20 21:31:34	Name: uid Value: 9109208927116753373
.addthis.com/	1970-01-21 02:42:37	Name: na_id Value: 2023122522204400029974113729
.addthis.com/	1970-01-21 02:42:37	Name: na_tc Value: Y
.addthis.com/	1970-01-21 02:42:37	Name: uid Value: 658a003c5131d5e0
.addthis.com/	1970-01-21 02:42:37	Name: ouid Value: 658a003c00019871a7388721c1fdf8672aa4a98394c862a0b5c7
.dlx.addthis.com/	1970-01-20 17:55:34	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 17:55:34	Name: na_sr Value: 20231225
.dlx.addthis.com/	1970-01-20 17:12:22	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 17:55:34	Name: na_sc_e Value: 0
.doubleclick.net/	1970-01-20 21:31:34	Name: APC Value: AfxxVi51OflWftw4zdE4H_KuD8tdtTXMkh_AvcOUFe4_mDoX2sAlMw
.awin1.com/	1970-01-20 17:16:42	Name: awpv11354 Value: 412871\|1703542844\|d8adcf20-a373-11ee-b1a8-22396ad6a5ca
t.adcell.com/	1970-01-20 17:16:42	Name: ADCELLvpid2945 Value: 164800-46690-oneid7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1joneid__suite_Netmix_Reach118_EXTRAPUSH%23%23%23%23%40%40%40%401703542844
.awin1.com/	1970-01-20 17:26:46	Name: awpv14063 Value: 412871\|1703542844\|d8b32650-a373-11ee-9488-2234841a3abe
.paranaturismo.com.br/	1970-01-21 02:48:22	Name: _ga_02GZQNG8YR Value: GS1.1.1703542843.1.0.1703542844.0.0.0
.agkn.com/	1970-01-21 01:57:58	Name: u Value: C\|0CEAtHLy8LRy8vAAAAAABAQ13AQEAAQpAAAAAAA
www.conrad.de/	1970-01-20 17:16:42	Name: HTLP_timestamp Value: 1703542844828
www.conrad.de/	1970-01-20 17:16:42	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 17:12:24	Name: __cf_bm Value: mQDIwlMywl._sz3FWLTQ4mjB1vJUVqRcE2S1kFT7KQo-1703542844-1-AZnh59d7c8ErPwX34XFA0fMpYN/SHzrqIWQ4D8vBXo/jv5mh/qBpgKczZGo16q3Nu8ORANxXINdip/MVpPfIhlk=
.awin1.com/	1970-01-20 17:22:27	Name: awpv11938 Value: 412871\|1703542844\|d8c41640-a373-11ee-bd07-2236e1f32b64
.blismedia.com/	1970-01-21 01:58:02	Name: b Value: 658A003C417E3640136731F5BLIS
.w55c.net/	1970-01-21 02:44:03	Name: wfivefivec Value: Kmbcnl8d1RhTju5
.w55c.net/	1970-01-20 17:55:34	Name: matchgoogle Value: 5
.congstar.de/	1970-01-20 17:22:31	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1703542844_d8c41640-a373-11ee-bd07-2236e1f32b64%22%2C%22sp%22%3A%22awin%22%7D
www.guenther.de/	1970-01-21 01:57:58	Name: awin_awc Value: 14063_412871_1703542844_d8b32650-a373-11ee-9488-2234841a3abe
www.guenther.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1vgrnee0a9tk3rf7d51n0pdc5d
.blau.de/	1970-01-20 17:22:27	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI5MDAwMDAwMDA2MTcwMzU0Mjg0NXZsZWExZGUyMDIzMTIyNTIzMjA0NDkxNjM3MTU2MTQxWDExNzY2M1YxMjI1MTMxMTA2TVN2aWV3b25laWRBRFlhWWZxZjJWSlhzQUhSSDR0a3RNTUdzUlM0VFJyQUgzSk1tb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDExOF9FWFRSQVBVU0gxMTc2NjM
.blau.de/	1970-01-20 17:22:27	Name: nscQ486 Value: V
.blau.de/	1970-01-20 17:22:27	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2023122523204491637156141X117663V1225131106MSviewoneidADYaYfqf2VJXsAHRH4tktMMGsRS4TRrAH3JMmoneid__suite_Netmix_Reach118_EXTRAPUSH&wfid=117663&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTI5MDAwMDAwMDA2MTcwMzU0Mjg0NXZsZWExZGUyMDIzMTIyNTIzMjA0NDkxNjM3MTU2MTQxWDExNzY2M1YxMjI1MTMxMTA2T
.o2online.de/	1970-01-20 17:22:27	Name: nscQ485 Value: V
.awin1.com/	1970-01-20 17:13:27	Name: awpv11746 Value: 412871\|1703542845\|d8eea8b0-a373-11ee-9488-2234841a3abe
.awin1.com/	1970-01-20 17:22:27	Name: awpv11420 Value: 412871\|1703542845\|d8eecfc0-a373-11ee-bd07-2236e1f32b64
.awin1.com/	1970-01-20 17:15:15	Name: awpv14702 Value: 412871\|1703542845\|d8efe131-a373-11ee-bd07-2236e1f32b64
.awin1.com/	1970-01-20 17:15:15	Name: awpv20044 Value: 412871\|1703542845\|d8f7a960-a373-11ee-a9f2-22382f104756
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924
.o2online.de/	1970-01-20 17:22:27	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTcwMzU0Mjg0NXZsZWExZGUyMDIzMTIyNTIzMjA0NTkxNjM3MTU2MjA3WDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWRZWDFIcmYxNXNwQnBIVkg5SGV0UXRSUjhjQVQxVDZtSHJvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTNfQmxhY2tGcmlkYXlQdXNoMTIwMjEx
.o2online.de/	1970-01-20 17:22:27	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023122523204591637156207X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTcwMzU0Mjg0NXZsZWExZGUyMDIzMTIyNTIzMjA0NTkxNjM3MTU2MjA3WDEyMDIxMVYxMjI2MTMyNzAyT
.freenet-mobilfunk.de/	1970-01-20 17:22:27	Name: VPCommission Value: 41006061
.freenet-mobilfunk.de/	1970-01-20 17:22:27	Name: eventid Value: 11420_412871_1703542845_d8eecfc0-a373-11ee-bd07-2236e1f32b64
.freenet-mobilfunk.de/	1970-01-20 17:22:27	Name: subvpid Value: 412871
.freenet-mobilfunk.de/	1970-01-20 17:12:24	Name: __cf_bm Value: BujGdbbq52d0csnlJXotjamw1muwt.CP5YCz82vYeEM-1703542845-1-AVCso3lfxNDKS18BKfBAaRXv5tkqKoTA0OyBldXVXStNRCyTOgbtNYa8MjzwIKpLByYCNaENIoBjweXz13B7gDI=
.freenet-mobilfunk.de/	1969-12-31 23:59:59	Name: _cfuvid Value: kYWg5HQtTQqHkKCj5NDoLuHS1ji4QaBuBy9lTJd.uD8-1703542845263-0-604800000
www.eprimo.de/	1970-01-20 17:16:42	Name: upprPostView Value: {"hp":"8000001991","em_source":null,"emid":null,"puid":null,"pvid":"658a003db3766501af65afaf","lifetime":"2023-12-28 23:20:45"}

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmTkMpW7hUQFfuwfuQDPVauG6eBAQdozc1aWWRPqkNYpBnmVAfSqDw1Nav1Qpx8_3x1Aei8r17OKohaXov_hOzt6kNIwkeX0jg&google_gid=CAESEAj4WjpU9VE7VyQVsHTwz3Y&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network	error	URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&wgprogramid=265645&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jrcs2h8en2ymb7s4fdx9jxdxwt8ka7q60mv481s1k4zxh55wj2s0szjyyy46z31at9x8r7dp8ffv3rkv4xk6zt1gcag15pw6kwxamc37fxa371e7htewzh026pqmvt5jcewd01zyqh4vwnmj5e26aedm8s0th96etfa7bwt43w15thw04sj5m4bgxwvd86tn84yrxq3vjn4fgnzrzqr0rws4rmhhe8jzcp5cnt1qsd7q4k77baxnwmqgvvegs8zevkg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g9k4gy9s8say8kxpkefqswk01wasxs1e549r8zd3v4ejnv013h2aaqdfagxspemjsjhcmwp0cm690nha7cv0gpa7cdyh9k69309sc5shw6axrj1fvzxj1twfczfmbdapeb82ms4gt0r3bvdx2e1ygsa6t0wwv1xnhj5qfcg3tcfdm1mbs8abq5nc1s2bnh9hcmms8wp3kax8mz5t3enqbffjgkw3jp44gbkd64qsj2bzgcx7a812ncgb1njj5cvbffv2kx9m1dfczz31v8m1vmr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjabNOwCKZaHiN4vE9u8Pr7eS4AOQ4YGEXLaoworwAsCNtwEQASAAYJWipIKwB4IBF2NhLXB1Yi00NzY2NjU2MDc1MzUyODI0yAEJqQIRY4ZOUXiyPqgDAcgDAqoEmQJP0GDVPx2-HIFJ4_DO5-AZ_Usvc1Ew0hF0ShpGECcspFxlQ6y-VX-86iEBa9ifQJ_bCcqFSwqY10bA9bzv_qgSUmSUZVwo1e1eA8kOzu1IgssZ_t5HtJYmmpZW8ZHNsXW4xWWv1o1bKb96jH-zNs0Z0H98ldBKn2DViwdPEeeZcOh8UFKp-aninbmIQ8EbRhsDrZ2mbnftNvWDgjFtvTDtRZsP9z4X2xtHhsQrdzUVX7F7MEUBck3jRbAy7fq5rthigWu4cvjq4OCg6YbiKcu6N6G7Ib8DgzwjAky94ehuO6FV2z8dKrK2to9PQAh95leMaVZhJAlukTxUh1BJ6Eo5UQUXE-6bP7FbaheVhlmgPxlxi8X0aeibnYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPvFyNDPq4MD-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3Sv86g3e0VJzP1tbgCWTF9HmFMcg%252526client%25253Dca-pub-4766656075352824%252526adurl%25253D&clickref=oneidDjBS3fwfGA3rF3HmH9twCZ3kTxSmTYEXhZMAzoneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneide7mt3fVfrkRMajHZHet1t4jXTwSQTK3gsJxrjoneid__suite_Netmix_Reach118_EXTRAPUSH Message: Failed to load resource: the server responded with a status of 429 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
other	warning	URL: https://netzwerk.uppr.de/trck/epv/af4ff75e9ff0f691fd8dd53e639ddaad?subid=oneid13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7droneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.travelaudience.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
c1.adform.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
d.agkn.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
e.dlx.addthis.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
ht.uppr.de
id.rlcdn.com
lunardelli.com.br
netzwerk.uppr.de
onetag-sys.com
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pixel-sync.sitescout.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pvx.freenet-mobilfunk.de
r.turn.com
region1.google-analytics.com
s.tribalfusion.com
scontent.xx.fbcdn.net
ssl.google-analytics.com
static-de.ad4mat.net
static.xx.fbcdn.net
sync-tm.everesttech.net
sync.teads.tv
t.adcell.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
um.simpli.fi
www.awin1.com
www.conrad.de
www.eprimo.de
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.guenther.de
www.lead-alliance.net
www.morretes.com
www.paranaturismo.com.br
www.telefonica-partner.de
x.bidswitch.net
104.96.147.178
13.41.26.165
142.250.185.98
147.135.143.66
151.101.194.49
167.233.13.224
172.217.16.134
178.250.1.9
18.66.147.41
2.19.245.101
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
213.155.156.184
216.172.172.182
216.172.172.184
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:20::681a:bd1
2606:4700:4400::6812:20ce
2606:4700::6812:19ad
2606:4700::6813:afbe
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2008
2a02:cb40:200::242
2a02:fa8:8806:16::1400
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a05:d018:d29:3605:a06f:dd4:a27d:1cd9
3.120.47.246
3.121.34.204
3.122.189.67
34.96.105.8
35.177.175.102
35.186.193.173
35.190.0.66
35.204.74.118
35.244.174.68
37.157.5.84
37.208.110.235
51.89.9.253
52.58.49.138
52.84.45.100
54.37.204.178
72.246.169.24
84.200.5.215
85.114.159.93
87.118.116.9
98.98.134.242
013c46bb69056b44df46c3a4d22b3b4ec4eb52aa2d8253019988ffe1494caf7f
04c69cf48f9e2462887a37b89e42a680920e9ce0ab40567f48456011bdeea090
0608f1a7ef6606a2cfffc069a4dbfac115530a028c34f41fdee74025a8e041ee
08b7d7697a3c3b2b66c759b425664fbd9560b82ab91d2efe0002f42e62c9cbcf
0a6ad9d619f093f06c0a4e8d9a3836f16945bcaf847951f26880315b9613c3aa
0a9eac4776689033af8f397069686c5e7b47408e5ad55a7a8192db21b2334464
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f0034f1986c4db855d26a0851eb857ad97416a2c2935055e78408ea8c77942f
1031785b9e539d353b96ec9020e9c3d9512b824aa3765340655dc61d6cc5ca1b
1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24
1511fef487a5a04cf2a5c0440b5b47b0d3453f99d93b3663f226e5d254a2c0ba
16ee41a73f4ff0d1318b2e9ae929b4d52d67b0affbe85759bab7e3f8d3a37f9f
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e704498fafbc8f5692e0f15cc6272b931af4cdd714b7d4128cd1b1fa3cb08ea
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
22bce8b282803549082d9ea32d67eb65850337da175c8d3311fedc72e743dcd5
27177fdd44784104db7b205bbb8d93235c59f28695cb17c2b191f0eed2da4b29
2b0c682ed62c86aec4d2d53dbd2dbd83112583ea5a8a6c9f2b1540c79c413301
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eff7c710864ad360870c7a95e0636df7ce87018cc51dffadf6474d5ebf05677
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
335f5199689533613f48f8b9cdbdcf86ae2d804bb2848df70e2a8f4d599e0b5d
36142ead6301ab7e0b84555d13b5790a88ddf55deb49c5d9b42456ed73ff3198
3685448bbd11fc1068d9ca86f059db1227513f3a1a22769e030bae45a26d83bc
369570af203fe832b39be7ff64f94f07b6c97c928b733a9b9e6c8bcf1a98652c
38a15739f5075b8a11cd1833eed10a792e9e3fa591fce28baf61dcc3b1261b58
3a0fdff812f488e7a2c2e972b196a4170796865ce4cd68417036556d354e71fe
3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4
40803f6727061b25fdffeca62b391f51e86f4656ec71f6748e70adb24e4ef2a7
40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92
4271e6705e547783386a69793d5786ef8fc1eb66b30d161e0dfd256e0c3e6d27
4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45c4007ca6faec5ddbf00e52addca2b95a4f3f416bd00ee25e812106a033ac13
4803fb9ad425e3d59451441ac6a7c901a4392f78f7732f07aa2a5292503460bb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c851642ddc61a2093c2445e17251c1b7465d979185267312ddc5b496828813
48ec683dddd9075b02220a4d04658adeccf2dd597735da6ea45fe8f705bb195f
4bce18de486fea257a1a5c9d5477070cec0ca1dff3438e5784161e8a8756da44
4bf4306b975e62e5592688a77a20e6f3aca7093a1d2ee1fb98419364d4551a35
4d458a5a8a0a9f0d5b5ac8020f47e4ede140c76b6237318b86a5c3afa38c9ab0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5011a13ddf5492c03cb7fd578a70b42bd1d1c4e97ccd7e368d2eb88830dea6a5
51dbbb8450743f032cb84e6ada90083b1dc4d522c2bc9066404589d2ed060963
525c8f2e357138e8023782262fede9e2b209c7617b47ea5f1e40ca04149e6dc3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53e990582c9b32e52918c72827d607ce206fc2873564aa365fdf94cd30272f59
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5a4c74c8eee3163f81a733380cdb05df020139e50688b0dd517927cd7d82a2a0
5b86805f831122ecf6aae626f086d66104be22391e87e6e945604f47eb7043c4
5bcb3ba5be62072a5be691a6cb4625b83ab20458f7543e78575c665ce64743c5
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5da802c2567b1b6fcf1090c4c9a4d2c98a286dd5d920d66d8c9d613f5b2e1273
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63a67a320a8fbc668f495c3fc1e78db9fd8c3c8f595671f8dfd1cd77d7e9301c
6975b673f98d3ced26d0eb3e2d78dfaa83261523848c30dbbb9f4c029e7711d9
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
69d7a9133915438ca54c3468164317ebc64053cc56967fe31450a1ec0d49e22a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d71589839a8c599416df8aebc6c0f34d4d6e96a960731676b1e5cd5eef54fe5
6e84b3f862047e1abcc9290804c5ddc1233152d1845cc3614089488ed43c46f8
6ee9c205bf2ed52c669542e70759c40f4561ac954cc57744c8affb001c926731
7516fcd05d5305d8d6b04e05a3fcd0ba71fdafd81705506f1d32e075368c76e5
7b00b9f7b7b1b0d4cd4b4ac5262e90332f971fe5382eb49718d708cca735f876
7daf290075a4fc5aea68556794046460d7fb7199a0cbd6294985e7ba9958aedf
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
80e7bfe2aaa1b8be1ff5792cf190eb4b9e7d922240eea9ccc0a835b2bbde9f56
80f50929d3405fe521ed603dc6bb8fae7967b1cc0c527d07f9e1f32cd1e54d35
818622d24a92ba8d417ef1b1ff7af8bdbbea713e8e087a82b3c54bfbc0b9ec5a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d
892120081d57b57e65135252098e9a191e079faec4911c84c35105752c452018
8a8378ab2cb9d5bce538edb753fdc25e811425a8041a3367e0fa4058a1e9f0d1
8a886ce41e35ae9e520e5eb4b8ffa5e9d5c9ca293b55b752a0abeb501d358ae1
8be82f349b2994d7f0ed7fcba5e50ffb8a960f135e513b34730af4578cab9883
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8dc0b8445f80ad134748d7c83953db4326302247a34ba6fa2239b61836930842
901889c458f2dd6323427db8a8e78a01707febfadc4ccd89a4b56babeb32e076
964c7e045b37a35d13a756fc8cb33f07083738d1487b637e6af39681b232f17e
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
97a50c9b9fb154247d4c352962cc858d75f1fa11dedcf66d529a7d2e711fc7e5
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd1da0ecd127172512f7f9f400bdc4d2f9d4a0a1a1cc9f75504800dabe8af69
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a02263cf75c29f80fdb1b381769cd5ba8d13287b4c370eacb3bbd6df56a92912
a07e75d0df05fe29a0dc5f66f44336dac210789b6d94593f2f6e20b62e7e3119
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a20d59029cf9c302bc7fc23dc3408ce96663b5bac00e8268cd674cf570daac1a
a563273d0f82d894386af17aae8124f2e3131c9bae528eb62d7e287099b70451
aed3473e577a706218a9c27127f5d4035ccbd089f3d43e9572fd0340b8e45d7f
b1d5b7211274e16d866cfb3b9bbeba89585e26a7ca57e91646458f2b46cb7d23
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b3222bfa95a46c6088aadf2d56df60205dc04d967114a8d3c0e530152bff291a
b5cbed9147f88e081848cdd63a0791004ad19c85d075033508db726df783c558
b7a8490d7353f4d29b7a7c0e0da1a610d1067d0bfdbb8d88df5764651b9d25fe
b982c40a025ecf28347040b2cc9a3898e5952332ea57a5166e6ef5aa10a7d28b
bb796889b2c08693d1a283f7c208442a11644a46885f7da8267a5b5914c601aa
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
bd84945ae46421dae7c54e1dc8e9a92afcacfdb98d4b52ebf61af33cc7d08117
bdac3fe6194360ac819c83f48b5118d17fdbbe71a3797c169c64e729a8ae610e
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c39408b9255f4c4be57cb6d822e7994c2fae31b8e1a1a6e9dabb48f8dd3cc1c5
c50cef0534fcc9f901046ad6c0dffe00209ffbe4319e019fb960a262a6b2ec71
c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154
c93dd298a227decbcbc5fcc458c787f081db10425e322950458c08e0656384d7
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca15ac1540010cea7015b4e4ec35c33cd999430f4bd5221b94e66d319456b2b0
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc2a604a1e6f73444e8db5d749a64c62899943e68ad07feeee39050b4fdb32cb
d0cc8e6e560302f24effeb93af3eecbbd3c742d79f19c2040385019af6181766
d1bc48e39fbd54b0a86d5e4cf9a621112af952765139dba9830476bfcb6e8bc0
d1c433f144b329fe4a7753ef91a8fe4d5eb7f712d50a02cf13f6ac581834d458
d1e1d00090b8cfaf4291f7ec7d5e3e80a121a0f1044f005c005c92b1b082295c
d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d6caec999115371173469acb87b2ab1e2ac3648a637d0d1be0e3d0ff160d7ada
d714f5906b6828c8e3906cca2da6502f21660da54a9caabd2db962097fd8c863
d9d687403a888b690e8483af6169d3de1f0f052396edf8fc25078eae056e6180
dc8f52748be03eba628aaa299cae6942612babbc3f1431fff5c942fc54994ba3
dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e245e083dcdc9766e07d8c0da497ffc3ced808600efd24ebc1bfbe7f00cc14d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5d3874bc803b5302f3737e59f0021953e4a5adc15ca6ef907d72ea86ee856bc
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212
edf1f567fd0e29d5899e287541a1623601c1b33cea621dbe80eaefbbaea28ff1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0af772600a5770df9757387880838651b0e4c0eea2143b9590755e220afe6ff
f121a336589baa8e4e36ff8e08c70847b57ad8545b693a2e4e96a0fbda38e42a
f4c282fcfe37bf397e4297f60cf042d9c9be096ae9f2a43912f0a5c1737b1f60
f870c3856088f9f9668dca6d09dab0de15c03f7f63d8370130f13a773668c556
f95d8fd393736dd3b834bcf9029b54360978a72fc64c3508eb589fd9a9d5fbb3
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fdeda5139b578ff42ce7ab3bff380649bea7d1c92bc949871c74b6bbe1ed5a52

www.paranaturismo.com.br Open in urlscan Pro 216.172.172.182 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

286 Requests

87 %HTTPS

42 %IPv6

52 Domains

65 Subdomains

43 IPs

10 Countries

2862 kBTransfer

7848 kBSize

71 Cookies

7 Outgoing links

Page URL History

Redirected requests

286 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.paranaturismo.com.br Open in urlscan Pro
216.172.172.182 Public Scan

Screenshot
Live screenshot

Full Image

286
Requests

87 %
HTTPS

42 %
IPv6

52
Domains

65
Subdomains

43
IPs

10
Countries

2862 kB
Transfer

7848 kB
Size

71
Cookies

286 HTTP transactions
7 data transactions